w3af's crawler should find that on it's own, if it doesn't it's because your application is heavily based on JavaScript (and w3af doesn't know how to crawl those yet).
Specifically answering your POST question, you could write a mangle plugin, like this one [0], which will modify the http method for each request before sending it to the wire. [0] https://github.com/andresriancho/w3af/blob/master/plugins/mangle/sed.py On Tue, Nov 12, 2013 at 4:00 PM, sandeep kumar bandaru <bandarusandeepku...@gmail.com> wrote: > We have implemented our app in such a way that, for all the dynamic url's, > POST navigation will be used and GET navigation for the static files > (images,js files, etc.,) > > Thanks, > Sandeep > > > On Fri, Nov 8, 2013 at 9:15 PM, Andres Riancho <andres.rian...@gmail.com> > wrote: >> >> I'm almost sure that POST for all requests is not what you need. Could >> you please better explain your requirements? >> >> On Fri, Nov 8, 2013 at 11:18 AM, sandeep kumar bandaru >> <bandarusandeepku...@gmail.com> wrote: >> > Hi, >> > >> > W3af is crawling through the pages (from the response page of a request) >> > only using the GET requests. The only request I can see the POST request >> > is >> > the authentication (even this has to be configured via the 'auth' >> > plugin). >> > >> > Problem here is most of the requests in our application are POST and >> > hence >> > unable to do the actual testing with this tool. >> > >> > Can you please let me know, how to configure w3af to crawl all the >> > requests >> > via POST method? >> > >> > >> > Thanks, >> > Sandeep >> > >> > >> > ------------------------------------------------------------------------------ >> > November Webinars for C, C++, Fortran Developers >> > Accelerate application performance with scalable programming models. >> > Explore >> > techniques for threading, error checking, porting, and tuning. Get the >> > most >> > from the latest Intel processors and coprocessors. See abstracts and >> > register >> > >> > http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk >> > _______________________________________________ >> > W3af-users mailing list >> > W3af-users@lists.sourceforge.net >> > https://lists.sourceforge.net/lists/listinfo/w3af-users >> > >> >> >> >> -- >> Andrés Riancho >> Project Leader at w3af - http://w3af.org/ >> Web Application Attack and Audit Framework >> Twitter: @w3af >> GPG: 0x93C344F3 > > -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 ------------------------------------------------------------------------------ November Webinars for C, C++, Fortran Developers Accelerate application performance with scalable programming models. Explore techniques for threading, error checking, porting, and tuning. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk _______________________________________________ W3af-users mailing list W3af-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-users