[W3af-develop] Fwd: Write single URL scans with w3af API
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
[W3af-develop] Fwd: Write single URL scans with w3af API
|
From: Abhay B. <abh...@gm...> - 2016-05-27 17:13:45
|
Hi Andres: Thanks for your response. I will look into this. However, my requirement is a little different. The requests and responses is queued. I want to send HTTP request one at a time and have that scanned, as it enters the queue. Your solution seems to be to scan a bunch of requests loaded in a file. Correct me if I am wrong please. On Fri, May 27, 2016 at 9:02 PM, Andres Riancho <and...@gm...> wrote: > Yup, completely possible. Most likely following these steps: > > * Start the API > * Write a file containing the HTTP request (base64 encoded) > * Write a file containing a scan profile. The scan profile should use > the import_results plugin [0] and point to the previously created file > with the HTTP request > * Start the scan with the provided scan profile > > [0] > https://github.com/andresriancho/w3af/blob/master/w3af/plugins/crawl/import_results.py#L172-L182 > > On Wed, May 25, 2016 at 8:45 AM, Abhay Bhargav <abh...@gm...> > wrote: > > Hi Group: > > > > I was wondering if we could do single URL scans with w3af api. What I > mean > > is this: I have a DB of HTTP requests of an application that need to be > > scanned. These are part of the same application. I would like to scan > them > > one at a time in a queue with w3af's API. Is that possible? Or does it > only > > have to be a typical w3af scan? > > > > > ------------------------------------------------------------------------------ > > Mobile security can be enabling, not merely restricting. Employees who > > bring their own devices (BYOD) to work are irked by the imposition of MDM > > restrictions. Mobile Device Manager Plus allows you to control only the > > apps on BYO-devices by containerizing them, leaving personal data > untouched! > > https://ad.doubleclick.net/ddm/clk/304595813;131938128;j > > _______________________________________________ > > W3af-develop mailing list > > W3a...@li... > > https://lists.sourceforge.net/lists/listinfo/w3af-develop > > > > > > -- > Andrés Riancho > Project Leader at w3af - http://w3af.org/ > Web Application Attack and Audit Framework > Twitter: @w3af > GPG: 0x93C344F3 |
