2009/7/2 Andres Riancho <[email protected]>: > pUm, > > On Thu, Jul 2, 2009 at 10:31 AM, pUm<[email protected]> wrote: >> Thanks Zach and Andres, >> >> The "nonTarget" option is not my solution for this one (or can you >> reverse/negate it via regex again?), because it's going into the wrong >> direction (deny something, instead of allowing something). Normaly >> that's not a big deal, but I come across a few web apps where a >> blacklist is just too much and only a whitelist is a good option. > > Then... it's open source, you could add a validTarget options =) >
mhm sorry, I did not want to blast somebody. I'd just the need to scan one target, and I must make sure that no other sites will be tested. w3af is still a good scanner for me, but not for this project. Thanks for the answer that I could just add it by myself - I did not think of that ... ;-) >> I did not checked the spider option, but I guess that this will not >> affect other discovery plugins, correct? > > No, it only affects the webSpider that means w3af does not have the option to rectrict scanning. thanks for your input thats all I need to know. > >> cheers >> >> sven >> >> 2009/7/2 Andres Riancho <[email protected]>: >>> pUm, >>> >>> On Thu, Jul 2, 2009 at 4:37 AM, pUm<[email protected]> wrote: >>>> Hi, >>>> >>>> I just noted that w3af does not care about the path you provide to it. >>>> For example a customer has got >>>> http://www.example.com/client1/ >>>> http://www.example.com/client2/ >>>> http://www.example.com/client3/ >>>> http://www.example.com/client4/ >>>> http://www.example.com/client5/ >>>> ... >>>> and I want to scan http://www.example.com/client35/ only, it is not >>>> possible, because at http://www.example.com/index.html w3af will find >>>> a list with all sub directories. >>>> >>>> I just found the option to exclude a certain domain, but I need to >>>> make sure that the scanner is only testing against >>>> http://www.example.com/client35/ and not any other domain or path >>>> below ... >>>> >>>> Is it possible? I did not found a option... >>> >>> Check the misc settings "nonTarget" option. >>> Also check the webSpider discovery plugin options. >>> >>>> cheers >>>> >>>> sven >>>> >>>> ------------------------------------------------------------------------------ >>>> _______________________________________________ >>>> W3af-users mailing list >>>> [email protected] >>>> https://lists.sourceforge.net/lists/listinfo/w3af-users >>>> >>> >>> >>> >>> -- >>> Andrés Riancho >>> Founder, Bonsai - Information Security >>> http://www.bonsai-sec.com/ >>> http://w3af.sf.net/ >>> >> > > > > -- > Andrés Riancho > Founder, Bonsai - Information Security > http://www.bonsai-sec.com/ > http://w3af.sf.net/ > ------------------------------------------------------------------------------ _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
