w3af (web application attack and audit framework) is an open-source web application security scanner. The project provides a vulnerability scanner and exploitation tool for web applications, and reports security vulnerabilities for use in penetration testing engagements. The scanner offers both a graphical user interface and a command-line interface.

The framework has been called the “metasploit for the web”, but it is actually much more than that, because it also discovers web application vulnerabilities using black-box scanning techniques. The w3af core and its plugins are written entirely in Python. The project has more than 130 plugins, which identify and exploit SQL injection, cross-site scripting (XSS), remote file inclusion and more.

How does w3af work?

The w3af framework consists of two main parts: the core and the plugins. The core runs the main process, coordinates the work of the plugins and handles the exchange of information between them. The plugins, in turn, find vulnerabilities and allow you to exploit them. Through the core, plugins share information, for example about discovered requests that can be fuzzed. The core acts as a central repository for this shared data, the so-called “knowledge base”.

  1. Discovery plugins search for possible entry points to the application: they collect forms, links and generally everything that can generate a request to the web application, thus building a request map of the application under test.
  2. Audit plugins use the output of the discovery plugins (the entry points to the application) as targets for finding vulnerabilities such as XSS, SQL injection, (R)LFI and many others.
  3. In the next step, grep plugins inspect every HTTP request/response pair that passes through, searching for information such as credentials, credit card numbers and so on. These plugins can also search for fragments of potentially dangerous JavaScript code.
  4. Brute force plugins (for example, for brute forcing Basic Authentication).
  5. Attack plugins, which do not search for vulnerabilities but exploit the ones already found.
  6. Mangle plugins, which intercept requests and make it possible to modify the data inside them.
  7. Evasion plugins are used to bypass firewalls.
  8. Output plugins produce an easy-to-read final report.
  9. Auth plugins are responsible for maintaining the user session while the tests run.
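As an added example (not taken from the original article), the following w3af console script chains several of the plugin types listed above into one scan: a crawl plugin for the discovery stage, audit and grep plugins, and output plugins for the report, plus a cap on discovery time so the scan cannot run away with the CPU. The target URL is a placeholder for an application you own; the plugin and option names are those of recent w3af console releases (confirm with `view` inside each menu), and the `#` lines are explanatory annotations.

```text
# w3af console script: run with  w3af_console -s scan-example.w3af
plugins
# Output plugins: report to the console and to a text file
output console,text_file
output config text_file
set output_file /tmp/w3af-scan.txt
set verbose True
back
# Discovery stage: crawl the site following links and forms,
# staying within the target URL's path
crawl web_spider
crawl config web_spider
set only_forward True
back
# Audit stage: test every discovered entry point for XSS and SQLi
audit xss,sqli
# Grep stage: passively inspect each request/response pair
grep error_pages,credit_cards,private_ip
back
# Bound the crawl (minutes) so the process cannot eat the CPU indefinitely
misc-settings
set max_discovery_time 20
back
# Placeholder target: an application you are authorised to test
target
set target http://app.example.test/
back
start
exit
```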

w3af is a very flexible and useful framework for web application penetration testing, with many interesting options that help a lot during test execution. It also has one big drawback: it is very CPU-hungry, so the w3af process must somehow be limited to the available resources, otherwise it may simply eat all your CPU.

Another thing worth mentioning is that this is a free pentesting tool.

You can download w3af from the official website via this link.

Penetration Testing & Information Security Specialist, Certified Ethical Hacker. Uladzislau Murashka provides information security and penetration testing services, IDS/IPS implementation and configuration, infrastructure security assessment and hardening, participates in bug bounty programs.