Re: [W3af-develop] Fwd: Write single URL scans with w3af API
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
Re: [W3af-develop] Fwd: Write single URL scans with w3af API
|
From: Andres R. <and...@gm...> - 2016-05-27 17:34:09
|
I don't see the difference, just put one HTTP request in the file, scan, repeat. On Fri, May 27, 2016 at 2:13 PM, Abhay Bhargav <abh...@gm...> wrote: > > Hi Andres: > > Thanks for your response. I will look into this. > > However, my requirement is a little different. The requests and responses is > queued. I want to send HTTP request one at a time and have that scanned, as > it enters the queue. Your solution seems to be to scan a bunch of requests > loaded in a file. Correct me if I am wrong please. > > On Fri, May 27, 2016 at 9:02 PM, Andres Riancho <and...@gm...> > wrote: >> >> Yup, completely possible. Most likely following these steps: >> >> * Start the API >> * Write a file containing the HTTP request (base64 encoded) >> * Write a file containing a scan profile. The scan profile should use >> the import_results plugin [0] and point to the previously created file >> with the HTTP request >> * Start the scan with the provided scan profile >> >> [0] >> https://github.com/andresriancho/w3af/blob/master/w3af/plugins/crawl/import_results.py#L172-L182 >> >> On Wed, May 25, 2016 at 8:45 AM, Abhay Bhargav <abh...@gm...> >> wrote: >> > Hi Group: >> > >> > I was wondering if we could do single URL scans with w3af api. What I >> > mean >> > is this: I have a DB of HTTP requests of an application that need to be >> > scanned. These are part of the same application. I would like to scan >> > them >> > one at a time in a queue with w3af's API. Is that possible? Or does it >> > only >> > have to be a typical w3af scan? >> > >> > >> > ------------------------------------------------------------------------------ >> > Mobile security can be enabling, not merely restricting. Employees who >> > bring their own devices (BYOD) to work are irked by the imposition of >> > MDM >> > restrictions. Mobile Device Manager Plus allows you to control only the >> > apps on BYO-devices by containerizing them, leaving personal data >> > untouched! >> > https://ad.doubleclick.net/ddm/clk/304595813;131938128;j >> > _______________________________________________ >> > W3af-develop mailing list >> > W3a...@li... >> > https://lists.sourceforge.net/lists/listinfo/w3af-develop >> > >> >> >> >> -- >> Andrés Riancho >> Project Leader at w3af - http://w3af.org/ >> Web Application Attack and Audit Framework >> Twitter: @w3af >> GPG: 0x93C344F3 > > > ------------------------------------------------------------------------------ > What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic > patterns at an interface-level. Reveals which users, apps, and protocols are > consuming the most bandwidth. Provides multi-vendor support for NetFlow, > J-Flow, sFlow and other flows. Make informed decisions using capacity > planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e > _______________________________________________ > W3af-develop mailing list > W3a...@li... > https://lists.sourceforge.net/lists/listinfo/w3af-develop > -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 |
