02Jan2010 (UTC +8) This is for some of my friends out there:
The most painless way of installing w3af is using "sudo apt-get install --install-recommends w3af' on Ubuntu, or download an .exe installer from http://sourceforge.net/projects/w3af/files/w3af/ for MS Windows. Unfortunately, you won't get the latest and greatest w3af version that way. So, for the latest & greatest version on Ubuntu: 0. Download from http://sourceforge.net/projects/w3af/files/w3af/ like this example: "wget -S -c -v -t 0 -c --output-document=~/Downloads/w3af-1.0-rc4.tar.bz2 http://nchc.dl.sourceforge.net/project/w3af/w3af/w3af%201.0-rc4/w3af-1.0-rc4.tar.bz2"; 1. "sudo apt-get install --install-recommends w3af' 2. Uncompress w3af-1.0-rc4.tar.bz2 and follow the instructions from ~/Downloads/w3af/readme/EN/w3af-users-guide.pdf as below: cd w3af cd extlib cd fpconst-0.7.2 python setup.py install cd .. cd SOAPpy python setup.py install cd .. cd pyPdf python setup.py install 3. "sudo time cp -vR ~username/Downloads/w3af/* /usr/share/w3af/" 4. Run "/usr/bin/w3af" and enjoy! This is a far better experience compared to how it was some 3.5 years[1] ago :) [1] First time I heard of w3af and checked it out: ========================================================== from: Andres Riancho <[email protected]> to: [email protected], [email protected], [email protected] date: Mon, Jun 11, 2007 at 02:20 subject: [TOOL] w3af - Web Application Attack and Audit Framework List, I'm glad to present w3af ( Web Application Attack and Audit Framework ) , a fully automated auditing and exploiting framework for the web. This framework has been developed for almost a year and has the following features: [...] ========================================================== Drexx Laggui -- CISA, CISSP, CFE Associate, ISO27001 LA, CCSI, CSA http://www.laggui.com ( Manila & California ) Computer forensics; Penetration testing; QMS & ISMS developers; K-Transfer PGP fingerprint = 0117 15C5 F3B1 6564 59EA 6013 1308 9A66 41A2 3F9B ------------------------------------------------------------------------------ Learn how Oracle Real Application Clusters (RAC) One Node allows customers to consolidate database storage, standardize their database environment, and, should the need arise, upgrade to a full multi-node Oracle RAC database without downtime or disruption http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
