Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/andresriancho/w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.
https://github.com/andresriancho/w3af

appsec cross-site-scripting scanner security sql-injection

Last synced: 25 days ago
JSON representation

w3af: web application attack and audit framework, the open source web vulnerability scanner.

Host: GitHub
URL: https://github.com/andresriancho/w3af
Owner: andresriancho
Created: 2011-08-31T23:20:34.000Z (about 13 years ago)
Default Branch: master
Last Pushed: 2023-02-22T06:05:59.000Z (over 1 year ago)
Last Synced: 2024-10-01T19:04:22.520Z (about 1 month ago)
Topics: appsec, cross-site-scripting, scanner, security, sql-injection
Language: Python
Homepage: http://w3af.org/
Size: 166 MB
Stars: 4,533
Watchers: 194
Forks: 1,212
Open Issues: 2,020
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-github-repos - andresriancho/w3af - w3af: web application attack and audit framework, the open source web vulnerability scanner. (Python)
awesome-termux-hacking - w3af - w3af: web application attack and audit framework, the open source web vulnerability scanner..[![->](https://img.shields.io/github/stars/andresriancho/w3af.svg?style=social&label=Star&maxAge=2592000)](https://github.com/andresriancho/w3af/stargazers/) (Uncategorized / Uncategorized)
awesome-devsecops-russia - w3af
awesome-starred - andresriancho/w3af - w3af: web application attack and audit framework, the open source web vulnerability scanner. (security)

README

        ## w3af - Web Application Attack and Audit Framework

[w3af](http://w3af.org/) is an [open source](https://www.gnu.org/licenses/gpl-2.0.txt)

web application security scanner which helps developers and penetration testers

identify and exploit vulnerabilities in their web applications.

The scanner is able to identify [200+ vulnerabilities](https://github.com/andresriancho/w3af/blob/master/w3af/core/data/constants/vulns.py),

including [Cross-Site Scripting](https://github.com/andresriancho/w3af/blob/master/w3af/plugins/audit/xss.py),

[SQL injection](https://github.com/andresriancho/w3af/blob/master/w3af/plugins/audit/sqli.py) and

[OS commanding](https://github.com/andresriancho/w3af/blob/master/w3af/plugins/audit/os_commanding.py).

## Contributing

Pull requests are always welcome! If you're not sure where to start, please take

a look at the [First steps as a contributor](https://github.com/andresriancho/w3af/wiki/First-steps-as-a-contributor)

document in our wiki. All contributions, no matter how small, are welcome.

## Links and documentation

 * [w3af's main site](http://w3af.org/)

 * [Project documentation](http://docs.w3af.org/en/latest/)

## Sponsors

[Holm Security](https://www.holmsecurity.com/) sponsors the project and uses [w3af](http://w3af.org/)

as part of their amazing [automated and continuous vulnerability assessment platform](https://www.holmsecurity.com/vulnerability-assessment).

Found this project useful? Donations are accepted via [ethereum](https://www.ethereum.org/) at `0xb1B56F04E6cc5F4ACcB19678959800824DA8DE82`