w3af is an open-source web application security scanner. The project provides a vulnerability scanner and exploitation tool for Web applications.It provides information about security vulnerabilities and aids in penetration testing efforts.
This cross-platform tool is available in all of the popular operating systems such as Microsoft Windows, Linux,Mac OS X, FreeBSD and OpenBSD and is written in the Python programming language. Users have the choice between a graphic user interface and a command-line interface.
w3af identifies most web application vulnerabilities using more than 130 plug-ins. After identification, vulnerabilities like (blind) SQL injections, OS commanding, remote file inclusions (PHP), cross-site scripting(XSS), and unsafe file uploads, can be exploited in order to gain different types of access to the remote system.
TUTORIAL FOR THIS: http://www.youtube.com/watch?v=dapqNO7K_xI
No comments:
Post a Comment