mailing list archives
[TOOL] w3af 1.0-rc5 release: Better, Stronger, Faster.
From: Andres Riancho <andres.riancho () gmail com>
Date: Wed, 19 Jan 2011 09:16:25 -0300
Since our latest release back in November, the w3af team has focused
on making the framework better, stronger and faster. By downloading
this release you'll be able to enjoy new vulnerability checks, more
stable code and a about 15% performance boost in the overall speed of
your scan. Here's what's new:
* Now using bloom filters instead of sqlite3 databases, which are
persistent on disk, effectively increasing scan performance by about
* Fixed most of the bugs that cause w3afMustStopExceptions and
wrote debugging code to allow us to identify the remaining ones.
* Based on many community requests we've updated our XML output
plugin and wrote an XSD file to help other tools parse the output from
* Added new plugin to measure the number of hops for port 80 vs 443
and perform a comparison. Which is useful to identify load balancers,
reverse proxies and any other network appliances.
On top of that, we've also worked on writing unit tests and a
continuous integration system (thanks go to Martin Mizrahi from the
NeXpose team for helping with this!) that we'll use for testing our
code each night. When we complete this task, we'll be able to deliver
high quality code on each release, with fewer bugs and no regressions.
As usual, you can find the download link on the www.w3af.com website,
where you're going to be able to find videos, users' guide and much
PS: http://www.youtube.com/watch?v=K2cYWfq--Nw (wait until second
57, there's where the fun begins)
Director of Web Security at Rapid7 LLC
Founder at Bonsai Information Security
Project Leader at w3af
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- [TOOL] w3af 1.0-rc5 release: Better, Stronger, Faster. Andres Riancho (Jan 19)