Dear Andres,
thanks for a very detailed response. I would love to get involved in the
direction, suggested by you. however, I will have to see if I will be able to
devote enough time to take this task. I will let you know very soon.
Coming to the problem at hand: earlier I thought that it may not be that
complicated because from user manual, what i understood is that discovery phase
is actually generating "enough" information to build this graph. It is
following the links from a given page (outgoing edges) and I think, it also
generates or knows parameters to access a page on a given URL, if we need to
have ones, for example authentication info (user/password). So, we could just
take information generated by discovery phase and get the graph. But now, if
the project leader is himself saying that this is complicated, I am sure that
it IS. I underestimated the task :) so, it seems that if at all, I want this
info, i need to get into the water to fetch.
Can you give some approximate time, in hours, that you think would be required
to do this task?
Thanks & Regards
- Sanjay
________________________________
From: Andres Riancho <[email protected]>
To: Sanjay Rawat <[email protected]>
Cc: "[email protected]" <[email protected]>
Sent: Thursday, November 8, 2012 2:45 PM
Subject: Re: [W3af-users] w3ag output as link graph or FSM
Sanjay,
On Thu, Nov 8, 2012 at 5:58 AM, Sanjay Rawat <[email protected]> wrote:
>
> Hello,
> I understand that w3af can produce output in different formats. I am more
> interested in getting the output of "discovery" phase in a format that
> allows me to see the link relationship. What I mean by this is to have a
> graph like structure (or finite state machine FSM) where nodes are pages
> (links) and edges are links they points to. Additionally, it will be good to
> also have the parameter info (parameters of the URI/forms etc.to access the
> link along the edge) along the edges.
> Is it possible?
Everything is possible with open source software if you've got enough
time ;) But in this case, I think that it would take considerable time
to achieve what you want.
What can be done today with ease is to create a tree-like structure like this:
http://host.tld/
+ /foo/
\----/bar/
+ spam.html
+ def.html
\----abc.html
But if I understood correctly you a graph that represents this information:
* spam.html links to abc.html and def.html
* abc.html links to def.html
* def.html links to spam.html , abc.html, foo.html
* foo.html doesn't have any links
If you're interested in working on this let me know and I can guide
you through the code, but I warn you... w3af wasn't designed to do
this and it might involve some ugly code that we might not include
into the trunk.
Regards,
> Thanks
>
> Thanks & Regards
>
> - Sanjay
> http://www-verimag.imag.fr/~rawat/
>
> ------------------------------------------------------------------------------
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> http://p.sf.net/sfu/appdyn_d2d_nov
> _______________________________________________
> W3af-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/w3af-users
>
--
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_nov
_______________________________________________
W3af-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-users
