Posted by: andres.riancho
During the past days I’ve been working on creating a Python “w3af” module. What’s that many may ask! Well, the basic idea is that after the feature branch is done, users will be able to “import w3af” in their Python code and extend the framework more easily.
The ones which will benefit the most with this change are developers which extend w3af, want to include it in other Python tools, etc. It was very difficult to do that before, but it ...
Read more →Posted by: andres.riancho
A feature request appeared on our IRC, private conversations and mailing lists once every year or so: “I want to be able to detect if my site is spreading malware”. Last week it appeared again and this time it was implemented, so for your enjoyment I give you w3af – ClamAV integration.
The basic ...
Read more →Posted by: andres.riancho
Last year was great, I had time to read and understand something that was a complete mystery for me: HTML5.
After reading through the great documentation and examples at html5rocks, applying the knowledge while developing PoC applications and going through all the HTML5 security papers available it felt right to give a talk about it. This is my Prezi for “Understanding HTML5 Security”, enjoy!
Read more →Posted by: andres.riancho
Yesterday I delivered a two hour, free, w3af workshop at the ISSA Charlotte Summit. This was the first workshop of this type I’ve delivered and the experience was great. I’m sure many awesome things will come out of it! The workshop objectives are:
If you’re organizing a conference and would like to ...
Read more →During the last weeks I’ve been using some of my time to learn various aspects of cloud computing. I spend most of my time reading and testing some new ideas on Amazon’s cloud. After using Amazon’s console for a while, I started to use the Boto library for starting my instances and then pushing some code to them with Fabric.
The problem came one day when, because of a ...
Read more →Posted by: andres.riancho
I’ve been experimenting with Amazon Web Services during the last month, and I have to say I’m impressed. There is a whole new world of things to learn and use, with endless possibilities. Since it all started with the migration of the w3af.org site to an Amazon ec2 instance, I decided to give a talk about that at the OWASP LATAM Tour, here are the slides!
Read more →Posted by: andres.riancho
It’s time. The w3af project needs your help. I’ve been improving this software during the last months and now I need you to test it before the release. I’ve done my fair share of testing, but I’m also the developer and that’s never good.
We’re looking for bugs, crashes, false positives, false negatives, typos, etc. anything that can be improved is welcome.
Follow these steps for testing:
cd ~ git clone https://github.com/andresriancho/w3af.git cd w3af git checkout threading2 # Backup ...Read more →
Posted by: andres.riancho
We had our old, static and boring project page for too much time. It was difficult for me to update it, didn’t allow me to blog about the project news in a format that was readable and eye-candy and many other things that I won’t mention.
Now I present you the new w3af.org website! Hopefully, this will solve all the issues with the old site and enhance the communication between all members of the w3af community.
Read more →