Thanks Drexx!!
Also, for new w3af users, they need to
"sudo apt-get install python-lxml"
if they are on debian.
-Brad Causey
CISSP, MCSE, C|EH, CIFI, CGSP
http://www.owasp.org
--
"Si vis pacem, para bellum"
--
On Sun, Jan 2, 2011 at 4:04 AM, Drexx Laggui [personal] <[email protected]>wrote:
> 02Jan2010 (UTC +8)
>
> This is for some of my friends out there:
>
> The most painless way of installing w3af is using "sudo apt-get
> install --install-recommends w3af' on Ubuntu, or download an .exe
> installer from http://sourceforge.net/projects/w3af/files/w3af/ for MS
> Windows.
>
> Unfortunately, you won't get the latest and greatest w3af version that way.
>
> So, for the latest & greatest version on Ubuntu:
>
> 0. Download from http://sourceforge.net/projects/w3af/files/w3af/ like
> this example:
>
> "wget -S -c -v -t 0 -c
> --output-document=~/Downloads/w3af-1.0-rc4.tar.bz2
>
> http://nchc.dl.sourceforge.net/project/w3af/w3af/w3af%201.0-rc4/w3af-1.0-rc4.tar.bz2
> "
>
> 1. "sudo apt-get install --install-recommends w3af'
>
> 2. Uncompress w3af-1.0-rc4.tar.bz2 and follow the instructions from
> ~/Downloads/w3af/readme/EN/w3af-users-guide.pdf as below:
> cd w3af
> cd extlib
> cd fpconst-0.7.2
> python setup.py install
> cd ..
> cd SOAPpy
> python setup.py install
> cd ..
> cd pyPdf
> python setup.py install
>
> 3. "sudo time cp -vR ~username/Downloads/w3af/* /usr/share/w3af/"
>
> 4. Run "/usr/bin/w3af" and enjoy!
>
> This is a far better experience compared to how it was some 3.5 years[1]
> ago :)
>
> [1] First time I heard of w3af and checked it out:
> ==========================================================
> from: Andres Riancho <[email protected]>
> to: [email protected], [email protected],
> [email protected]
> date: Mon, Jun 11, 2007 at 02:20
> subject: [TOOL] w3af - Web Application Attack and Audit Framework
>
> List,
>
> I'm glad to present w3af ( Web Application Attack and Audit
> Framework ) , a fully automated auditing and exploiting framework for
> the web. This framework has been developed for almost a year and has
> the following features:
> [...]
> ==========================================================
>
>
> Drexx Laggui -- CISA, CISSP, CFE Associate, ISO27001 LA, CCSI, CSA
> http://www.laggui.com ( Manila & California )
> Computer forensics; Penetration testing; QMS & ISMS developers; K-Transfer
> PGP fingerprint = 0117 15C5 F3B1 6564 59EA 6013 1308 9A66 41A2 3F9B
>
>
> ------------------------------------------------------------------------------
> Learn how Oracle Real Application Clusters (RAC) One Node allows customers
> to consolidate database storage, standardize their database environment,
> and,
> should the need arise, upgrade to a full multi-node Oracle RAC database
> without downtime or disruption
> http://p.sf.net/sfu/oracle-sfdevnl
> _______________________________________________
> W3af-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/w3af-users
>
------------------------------------------------------------------------------
Learn how Oracle Real Application Clusters (RAC) One Node allows customers
to consolidate database storage, standardize their database environment, and,
should the need arise, upgrade to a full multi-node Oracle RAC database
without downtime or disruption
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
W3af-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-users
