Re: [W3af-users] HTTP redirect
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
Re: [W3af-users] HTTP redirect
|
From: Andres R. <and...@gm...> - 2016-09-02 14:19:58
|
I believe the answer is in the authentication part of docs [0], most likely in [1]. Regarding 2FA, the way I would do it is to authenticate using a browser, then get the cookie and set it in w3af as explained in [1] [0] http://docs.w3af.org/en/latest/authentication.html [1] http://docs.w3af.org/en/latest/authentication.html#setting-http-cookie On Thu, Sep 1, 2016 at 9:16 PM, Vimal SRINIVASAN <onl...@gm...> wrote: > Nice point highlighted by Blaharski. I am curious what if the SSO have 2FA. > > Regards, > Vimal. > > > On Sep 1, 2016 11:11 PM, "Blaharski, Jared" <jar...@co...> > wrote: >> >> To Whom It May Concern: >> >> >> >> The website that we would like to scan has a SSO system and a HTTP >> redirect. Will your software have any trouble with handling that when doing >> the crawl through the website? >> >> >> >> ------------------------------------------------------------------------------ >> >> _______________________________________________ >> W3af-users mailing list >> W3a...@li... >> https://lists.sourceforge.net/lists/listinfo/w3af-users >> > > ------------------------------------------------------------------------------ > > _______________________________________________ > W3af-users mailing list > W3a...@li... > https://lists.sourceforge.net/lists/listinfo/w3af-users > -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 |
