As you all seem to pretty interested in Inguma, there’s something else similar called w3af - the fifth BETA was released a while back and the team are now working on the sixth.
w3af is a Web application attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and We did mention when it was first released - w3af - Web Application Attack and Audit Framework.
There are a lot of small changes, but the basic and bigger ones are:
* Virtual daemon, a way to use Metasploit framework payloads/shellcodes while exploiting web applications.
* w3afAgent, a reverse VPN that allows you to route packets through the compromised server
* Good samaritan, a module that allows you to exploit blind sql injections much faster
* 20+ new plugins
* A lot of bug fixes
* A much more stable core
A full plugin
w3af - Plugins
The users guide can be found here:
users guide
The author has also uploaded the presentation material he made for the T2 conference in Finland - this can serve as a good introduction.
w3af-T2.pdf
FREE DOWNLOAD
w3af Fifth BETA
w3af Fifth BETA
Posted by Bijay | 2:43 AM | Database Hacking, Hacking Tools, Web Hacking | 0 comments »
Subscribe to:
Post Comments (Atom)
0 comments
Post a Comment