[sqlmap-users] w3af REST API recommendations
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] w3af REST API recommendations
|
From: Andres R. <and...@gm...> - 2014-03-20 15:01:27
|
List,
I'm going to abuse the list a little bit, and poke your brains for
a while, so be prepared :)
The w3af project wants to implement its own REST API to expose the
w3afCore and KnowledgeBase objects. The core allows users to configure
the plugins and start the scan, and the knowledge base holds the
vulnerabilities.
You guys implemented a REST API for sqlmap, which has been up and
running for a while now.
What I wanted to know is:
* What's the technology stack you guys used for creating the REST API?
* Were you happy with it? Would you use something different if
you had the chance?
* Have you tested the API under heavy load?
* Do you have the concept of sessions and users in the API? Why not?
* Any recommendations on API design? (paths, results, hrefs, etc.)
Thanks!
Regards,
--
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3
|
