[W3af-users] performance issues post-scan

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

I'm running a Dockerized version of w3af via w3af_console_docker on Kali
Linux. I'm targeting an instance of Mutillidae, using the OWASP_TOP10
profile.

The scan appeared to take about 15 minutes, but never completed. I no
longer see web requests to the target server, but for the past 20 hours or
so I see messages like this, with decreasing values for "requests per
minute" over time:

|------------------------------------------------------------------------------|
> | Crawling Method: GET | http://192.168.1.57/icons/small/ | Query string:
>      |
> | (view) using crawl.phpinfo
>     |
> | Auditing Method: GET | http://192.168.1.57/icons/small/ | Query string:
>      |
> | (view) using audit.frontpage
>     |
> | Crawl phase: In (None URLs/min) Out (None URLs/min) Pending (None URLs)
> ETA  |
> | (None)
>     |
> | Audit phase: In (None URLs/min) Out (None URLs/min) Pending (None URLs)
> ETA  |
> | (None)
>     |
> | Requests per minute: 9
>     |
>
> |------------------------------------------------------------------------------|
>

Other profiles, such as web_infrastructure, finished faster but still had a
substantial delay after the actual scanning appeared to be complete.

I saw similar behavior described years ago in this thread, but I'm not sure
if the root cause of that issue was determined:
https://sourceforge.net/p/w3af/mailman/message/31150639/

Thanks for any insights,

-- 
Chris Herdt