On Mon, Apr 23, 2012 at 9:40 AM, Taras <oxdef@...> wrote:
>>> * report generation improvements
>> Not sure how you guys are doing it now... but I think that the
>> best way to improve report generation is to apply some type of
>> "transformation" to the kb. For example, if you guys could save a
>> pickled kb to the database, maybe you could then provide the users
>> with a way of generating reports over that information.
> Currently we are moving reports to the DB to make possible analytics on it,
> vuln filtering/sorting and so on. Logic in 2 words: w3af_webui takes from
> w3af_console XML report, parses it and stores vulnerabilities in DB.
That's perfect since the XML report is one of the most complete ones
and will allow you guys to load it into the DB in such a way that
you'll be able to select on each field, summarize, sort, etc. Let me
know if the xmlFile plugins needs to be changed somehow in order to
accomodate the webUI needs.
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework