W3AF

Phase(s):

Primary: Discovery.
Secondary: Mapping, Exploitation.

Description:

Tool that helps identify vulnerabilities in a web application. It provides a variety of plugins that perform tests against the application and gather information about it.

Objective:

  • Detect vulnerabilities present in a web application.
  • Obtain a sitemap of the web application.
  • Obtain the payload to exploit the detected vulnerabilities.
  • Obtain information about the web server and operating system.
  • Exploit the detected vulnerabilities.

Features:

Supported technologies: Web applications (HTTP/HTTPS).

Operating mode: Active.

Detect vulnerabilities present in a web application.

  • Customizable plugin selection for vulnerabilities such as Cross-Site Scripting, Path Traversal, SQL Injection, XPath Injection, Information Disclosure, etc.
  • Each plugin provides detailed information about its usage and configuration.
  • Provides default customizable scan profiles such as full, quick or OWASP Top Ten scan.
  • Provides a list of detected vulnerabilities along with the request and response that revealed each one.

Obtain a sitemap of the web application.

  • Customizable plugin selection to perform a spidering on the web application.
  • Provides a graphical diagram of the web application URLs.

Obtain the payload to exploit the detected vulnerabilities.

  • Provides the payload used to detect the vulnerability.

Obtain information about the web server and operating system.

  • Provides information about the web server and operating system.

Exploit the detected vulnerabilities.

  • Provides the following exploitation modules:
    • davShell.
    • eval.
    • fileUploadShell.
    • localFileReader.
    • osCommandingShell.
    • remoteFileIncludeShell.
    • rfiProxy.
    • sql_webshell.
    • sqlmap.

Reports:

Output reports in HTML, plain text or XML format, which include the following information:

  • Enabled plugins used in the scan along with their configuration.
  • Detected vulnerabilities, including the HTTP method used, URL, parameters and payload.
  • The report can also be sent by e-mail, given the mail server details.

Basic usage:

To perform a customized scan on a web application, start the tool and type the web application URL into the “Target:” text box.

Select the desired profile, enabling or disabling the features required for the scan.

Type in the name of the report to be exported. When the configuration is done, click the “Start” button.

The tool begins the scan, showing its progress on the “Log” tab. Each enabled plugin is listed as it executes, and the progress bar shows the time required to complete the scan. The results are displayed on the chart, with detected vulnerabilities flagged in red.

When the scan is completed, the “Results” tab contains the full scan details on three sub-tabs:

  • Detected vulnerabilities, on the “KB Browser” tab.
  • Graphical diagram and tree list of the URLs found by spidering, on the “URLs” tab.
  • List of the requests performed during the scan, on the “Request/Response Navigator” tab.

The “KB Browser” tab provides a list of the detected vulnerabilities. Selecting any of them shows additional information: a description of the test performed, and the request and response.

The “URLs” tab displays the URLs found during spidering as:

  • Tree listing.
  • Graphical diagram.

The “Request/Response Navigator” tab presents all the requests the tool made to the web application during the scan, for further analysis.

Finally, the “Exploit” tab lists the exploits and vulnerabilities that can be executed with the tool.

Resources:

Link: http://w3af.sourceforge.net
Author(s): Michal Zalewski
Contact:
Users: w3af-users [at] lists.sourceforge.net
Developers: w3af-develop [at] lists.sourceforge.net
License: GNU GENERAL PUBLIC LICENSE Version 2