Web application and audit framework

w3af is a complete environment for auditing and attacking web applications. This environment provides a solid platform for web vulnerability assessments and penetration tests.


The framework can be downloaded from the project main page:http://www.w3af.com/#download


Some of the requirements are bundled with the distribution file, in order to make

the installation process easier for the novice user. The bundled requirements can

be found inside the extlib directory. Most of the libraries can be run from that

directory, but some others require an installation process, the installation steps

for these libraries are (as root):

cd w3af

cd extlib

cd fpconst­0.7.2

python setup.py install

cd ..

cd SOAPpy

python setup.py install

cd ..

cd pyPdf

python setup.py install

Running w3af:-

w3af has two user interfaces, the console user interface (consoleUI) and the

graphical user interface (gtkUi). To use console interface type



If you are using w3af first time then I recommended you to use graphical user interface.


The graphical user interface allows you to perform all the actions that the

framework offers and features a much easier and faster way to start a scan and

analyze the results.

If you want to know more about plugins & console interface, here is document. You can Download it.

No comments: