Hello, Andres! I would like to contribute it. Тарас Иващенко (Taras Ivashchenko) -- "Software is like sex: it's better when it's free.", - Linus Torvalds.
2008/12/23 Andres Riancho <[email protected]>: > List, > > I'm looking for a contributor to finish up a small section of the > audit.sslCertificate plugin. > > I've been coding this plugin and I've got to a section where my > knowledge is scarce and my research time is *so* limited that I won't > be able to do it by myself. My problem is in the "def > _analyze_cert(self, cert, ssl_conn):" method of the > audit.sslCertificate plugin, where tests related to the SSL > certificate of the remote website should be implemented. I've been > doing some google searches and I found these links that might help: > > - http://www.nessus.org/plugins/index.php?view=single&id=26928 > - http://www.nessus.org/plugins/index.php?view=single&id=31705 > > The idea is to check if the ciphers used are safe, if the SSL > version is ok, if the certificate has expired or not, if it's self > signed, and other security related things about the cert. If you want > to help, just download the latest w3af version from the SVN in order > to get the latest plugin version, answer this email to the mailing > list and just start working =) > > Thanks in advance! > > Cheers, > -- > Andres Riancho > http://w3af.sourceforge.net/ > Web Application Attack and Audit Framework > > ------------------------------------------------------------------------------ > _______________________________________________ > W3af-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/w3af-users > ------------------------------------------------------------------------------ _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
