pUm, On Thu, Jul 2, 2009 at 10:31 AM, pUm<[email protected]> wrote: > Thanks Zach and Andres, > > The "nonTarget" option is not my solution for this one (or can you > reverse/negate it via regex again?), because it's going into the wrong > direction (deny something, instead of allowing something). Normaly > that's not a big deal, but I come across a few web apps where a > blacklist is just too much and only a whitelist is a good option.
Then... it's open source, you could add a validTarget options =) > I did not checked the spider option, but I guess that this will not > affect other discovery plugins, correct? No, it only affects the webSpider > cheers > > sven > > 2009/7/2 Andres Riancho <[email protected]>: >> pUm, >> >> On Thu, Jul 2, 2009 at 4:37 AM, pUm<[email protected]> wrote: >>> Hi, >>> >>> I just noted that w3af does not care about the path you provide to it. >>> For example a customer has got >>> http://www.example.com/client1/ >>> http://www.example.com/client2/ >>> http://www.example.com/client3/ >>> http://www.example.com/client4/ >>> http://www.example.com/client5/ >>> ... >>> and I want to scan http://www.example.com/client35/ only, it is not >>> possible, because at http://www.example.com/index.html w3af will find >>> a list with all sub directories. >>> >>> I just found the option to exclude a certain domain, but I need to >>> make sure that the scanner is only testing against >>> http://www.example.com/client35/ and not any other domain or path >>> below ... >>> >>> Is it possible? I did not found a option... >> >> Check the misc settings "nonTarget" option. >> Also check the webSpider discovery plugin options. >> >>> cheers >>> >>> sven >>> >>> ------------------------------------------------------------------------------ >>> _______________________________________________ >>> W3af-users mailing list >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/w3af-users >>> >> >> >> >> -- >> Andrés Riancho >> Founder, Bonsai - Information Security >> http://www.bonsai-sec.com/ >> http://w3af.sf.net/ >> > -- Andrés Riancho Founder, Bonsai - Information Security http://www.bonsai-sec.com/ http://w3af.sf.net/ ------------------------------------------------------------------------------ _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
