w3af is a free, open-source Web Application Attack and Audit Framework
w3af is an open source web application security scanner which helps developers and penetration testers identify and exploit vulnerabilities in their web applications.
The scanner is able to identify 200+ vulnerabilities, including Cross-Site Scripting, SQL injection and OS commanding.
Features
- User-friendly
- Command-line interface
- GUI app
- Extensible with plugins
- Dozens of SQL injection tools
- Proxy support
- HTTP Basic and Digest authentication
- User-Agent faking
- Add custom headers to requests
- Cookie handling
- HTTP response cache
- DNS cache
- File upload using multipart
- Multiple outputs
- Email notification
Fuzzing engine
w3af can inject your payloads into almost every part of the HTTP request:
- Query string
- POST-data
- Headers
- Cookie values
- Multipart/form file content
- URL filename
- URL path
License
Free app