Web application auditing with w3af

From Cryptolife

Jump to: navigation, search


w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnera‐bilities that is easy to use and extend.


w3af installation

apt-get install w3af w3af-console

w3af usage

#w3af_gui


After selected the target you can choose between different scanning profiles such OWASP top 10, Auditing hig risk,Bruteforce,fast scan, full audit (slow).



Progres bar and a real time log output ....



Auditing results


Retrieved from "http://*.cryptolife.org/index.php/Web_application_auditing_with_w3af"
Creative Commons License