[W3af-develop] W3af Rest Api
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
[W3af-develop] W3af Rest Api
|
From: Gorantla s. <ah...@gm...> - 2015-06-30 02:00:34
|
Hello,
I'm currently trying to fetch http transaction data sent by w3af
using w3af Rest Api . According to this
<http://docs.w3af.org/en/latest/api/traffic.html> doc we can get the http
request and response data of a transaction of by sending a GET request
to /scans/<scan-id>/traffic/<traffic-id>
, it is also mentioned that traffic-id attribute can be accessed by sending
a GET request to /scans/<scan-id>/kb/<vulnerability-id> ,the docs
<http://docs.w3af.org/en/latest/api/kb.html> regarding /kb/ resource
mention that it returns only the list of vulnerabilities .So according to
docs we should be only able to fetch http transaction data of vulnerable
requests .
But in twitter andres riancho stated
<https://twitter.com/w3af/status/615570631204192256> that we can read all
http requests sent from scanner . First of all i would like to know how i
can i use rest api to fetch http data of scan started w3ag gui , we need
scan id to get scan details when i started a scan from w3af gui and then
sent request to /scans/0, /scans/1 , /scans/2 . It seems like we can only
get scan details of scan only if it is started using rest api . Can anyone
explain how can we get scan details of scan started from w3af-gui using
rest api and also how to get http transactions details of all the
transactions not just the vulnerable ones. .
Thanks,
Gorantla Sai.
|
