Re: [W3af-users] W3af is not doing PT
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
Re: [W3af-users] W3af is not doing PT
|
From: ad^2 <ads...@gm...> - 2016-10-05 15:45:41
|
Hello, First, it's always good to include the steps you used to reproduce the issue reported. Help us the community help you by providing more details and things you have tried. What version of w3af? GUI or Console? Your selection of plugins/profiles/exploits, etc.? (you mentioned OWASP top 10). What is the output of the scan? Try this and let me know if you find something interesting. w3af -s testfire.w3af.script [testfire script file contents] profiles use audit_high_risk plugins output html_file plugins output config html_file set output_file /root/testfire.html back plugins audit blind_sqli sqli target set target http://demo.testfire.net start Thx, ad^2 On Wed, Oct 5, 2016 at 1:59 AM, Shreyas M R <shr...@gm...> wrote: > Hi, > > I'm using w3af owasp top10 profile on http://demo.testfire.net/ which has > sqli and xss vulnerabilities. I'm not getting any vulnerabilities from w3af > scan. please anyone help me out in this. > > > > > [image: --] > > Shreyas M R > [image: http://]about.me/shreyasmrs > <http://about.me/shreyasmrs?promo=email_sig> > > > ------------------------------------------------------------ > ------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, SlashDot.org! http://sdm.link/slashdot > _______________________________________________ > W3af-users mailing list > W3a...@li... > https://lists.sourceforge.net/lists/listinfo/w3af-users > > |
