Thanks Zach and Andres, The "nonTarget" option is not my solution for this one (or can you reverse/negate it via regex again?), because it's going into the wrong direction (deny something, instead of allowing something). Normaly that's not a big deal, but I come across a few web apps where a blacklist is just too much and only a whitelist is a good option.
I did not checked the spider option, but I guess that this will not affect other discovery plugins, correct? cheers sven 2009/7/2 Andres Riancho <[email protected]>: > pUm, > > On Thu, Jul 2, 2009 at 4:37 AM, pUm<[email protected]> wrote: >> Hi, >> >> I just noted that w3af does not care about the path you provide to it. >> For example a customer has got >> http://www.example.com/client1/ >> http://www.example.com/client2/ >> http://www.example.com/client3/ >> http://www.example.com/client4/ >> http://www.example.com/client5/ >> ... >> and I want to scan http://www.example.com/client35/ only, it is not >> possible, because at http://www.example.com/index.html w3af will find >> a list with all sub directories. >> >> I just found the option to exclude a certain domain, but I need to >> make sure that the scanner is only testing against >> http://www.example.com/client35/ and not any other domain or path >> below ... >> >> Is it possible? I did not found a option... > > Check the misc settings "nonTarget" option. > Also check the webSpider discovery plugin options. > >> cheers >> >> sven >> >> ------------------------------------------------------------------------------ >> _______________________________________________ >> W3af-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/w3af-users >> > > > > -- > Andrés Riancho > Founder, Bonsai - Information Security > http://www.bonsai-sec.com/ > http://w3af.sf.net/ > ------------------------------------------------------------------------------ _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
