Long term objectives

• Create the biggest community of Web Application Hackers
• Become the best Web Application Scanner
• Become the best Web Application Exploitation Framework
• Combine static code analysis and black box testing into one framework
• Become the nmap for the Web

Short term objectives

Make the community grow

w3af should be much more than a piece of software, w3af is a community that breathes Web Application Security. Our goal has to be to grow our community every day. Community members start threads in the mailing list, promote w3af in information security conferences, contribute with patches, feature requests and bug reports. Without a supporting community, there is no project.

Become the best Open Source Web Application Scanner

Right now there is some controversy on which is the best Open Source Web Application Scanner. One of our main short term goals is to become, without a doubt, the best Open Source Web Application Scanner.

Become the best Open Source Web Application Exploitation Framework

One of the advantages of being the first Web Application Exploitation Framework is that you are the best “by default”, but the w3af community doesn’t have to forget about Metasploit. H D Moore and his crew are building a lot of Web Application exploits, and the architecture to support them. Our goal has to be to develop a stable architecture to support all the exploit types and techniques that could appear in the future.