Martin, On Mon, Nov 17, 2008 at 12:53 PM, Martin Tartarelli <[EMAIL PROTECTED]> wrote: > This made me remember an email sent some time ago ([Summary] w3af Top > 3 & Bottom 3) where we discussed the best and the worst of w3af. > > Summarized something like this... > - *BUGS* > - Reporting > - Release schedule > - Documentation > - Pause a scan, turn of computer, start again > - Client server architecture > > > Could include some of these points (to make) as a goal?
EXCELLENT email, we needed a flashback. For what I can tell, the *BUG* issue has been reduced, and will be reduced even more the following weeks. Related to the reporting, I think that in this thread, some of you mentioned that you wanted a "export KB tree" feature, which I think that would be related to the issue, and I'll code something to make that happen. Right now I have all my focus on making w3af more performant, and remove all the bugs, when I finish I'll go for the rest. Thanks for your input! > Cheers > > > 2008/11/17 Andres Riancho <[EMAIL PROTECTED]>: >> Seba, >> >> On Mon, Nov 17, 2008 at 12:03 PM, el draco <[EMAIL PROTECTED]> wrote: >>> hi folks, >>> >>> What about to make w3af a little bit more stable?, i know a lot of >>> people who get disappointed when w3af crashes or hang up. It even >>> makes me pray when i use it! >> >> Are you using the latest version? In the latest version I haven't >> found a crash in some time. I totally accept that 3 months ago w3af >> was buggy and crashed a lot... but now it's much better =) Maybe w3af >> still consumes a lot of memory, which I'm going to fix in a near >> future, but crashes shouldn't be a problem (outside the already >> reported ones in the bug tracker) >> >>> wish list: >>> - that w3af finish every scan without crashing, with a reasonable (not >>> all of them) amount of vulns i already know are there, and without a >>> great amount (not zero) of false positives. >>> >>> This is a good goal to me. >>> >>> And yes, i think that a feature freeze is the solution to this problem. >> >> LOL, you and your feature freeze =) >> In the last months, there has been almost no new features added to the >> framework. What we've been trying to do is to make w3af more stable. >> If you check all my commit messages for the last months, you are going >> to see a lot of "removed false positive", "increased performance", >> "fixed bug" ; and almost none with "New way of detecting sql >> injection". > > > -- > Martin Tartarelli > Linux User #476492 > http://owasp.org/index.php/Argentina > http://tartamar.blogspot.com > -- > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > W3af-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/w3af-users > -- Andres Riancho http://w3af.sourceforge.net/ Web Application Attack and Audit Framework ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
