W3AF: Introduction, Architecture and Features

What is W3AF?

W3AF

W3AF stands for web application attack and Audit framework. It is an open-source framework. It is an open-source framework for auditing and exploiting web applications. It provides facts about security vulnerabilities and bugs for use in penetration testing. The scanner offers a graphical user interface and a command line interface. It is written in python programming language and compatible will all major operating systems like windows, Linux, FreeBSD, etc.

Architecture of W3AF

The W3AF framework is divided into three parts:

1. The core coordinates the whole process and provides libraries for use in plugins.

2. The user interfaces, allow the user to configure and start scans.

3. The plugins, which find links and vulnerabilities.

Features of W3AF

1. It provides web service support.

2. It exploits SQL injection (blind), O.S Commanding, remote file inclusions, local file inclusions, XSS, and more.

3. It provides good harmony among plug-ins.

4. It has a discovery plugin that scans URLs.

5. It has an audit plugin that helps to send crafted data to find vulnerabilities.

6. It has an exploit plugin that exploits vulnerabilities in the target and also provides SQL dumps.

7. It can also create fuzzing requests.

8. It greps every HTTP request and response to find comments, password profiling, private IP, Directory indexing, etc.

Popular Posts

Conducting Polymers: Definition, Examples, Properties and Applications

Image
What are Conducting Polymers? As the name suggests organic polymers that conduct electricity are known as conducting polymers. They are also known as intrinsically conducting polymers (ICPs) and they have alternating single and double bonds along the polymer backbone (conjugated bonds) or that are composed of aromatic rings such as Phenylene, naphthalene, anthracene, pyrrole, and thiophene which are connected through carbon-carbon single bonds. Examples: Polyacetylene, Polypyrrole, Polyaniline, etc What is the reason behind conducting nature of these polymers? Conducting polymers comes in two forms that are doped conducting polymers and non-doped conducting polymers. The conductivity of non-doped conjugated polymers is due to the existence of a conductivity band similar to a metal. In a conjugated polymer, three of the four valence electrons form strong sigma bonds through sp² hybridization where electrons are strongly localized. The remaining unpaired electron of each carbon atom re
Read more

Crime Scene: Definition, Types and Characteristics

Image
What is a Crime Scene ? A place where the crime is committed or where the maximum physical evidence related to crime is found is known as a crime scene. A crime scene is a starting point of the investigation which provides information about the suspect and the victim. This helps to reconstruct the crime and fast resolution of the case. It is noted that the crime scene is not limited to a single place but may extend to a wider area depending upon the nature of the crime committed. For example, In a murder case where murder is done at one place and the body is disposed on another place. In this case, we have two crime scenes that give information about the crime. Types of Crime Scene Based on evidence found on the crime scene: 1. Primary Crime Scene The crime scene where the actual crime occurred or where more usable pieces of evidence were found is known as the primary crime scene. For example, A murder scene, theft, assault, etc. 2. Secondary Crime Scene The crime scene which is some
Read more

Raman Spectroscopy: Principle, Instrumentation and Applications

Image
What is Raman Spectroscopy? Raman spectroscopy was given by an Indian Physicist Sir C.V Raman , which is based on inelastic scattering of monochromatic light with the sample. The resulting light will have a different frequency than incident light due to this inelastic scattering.  This technique is widely used to analyze vibrational, rotational, and other low-frequency interactions in the molecule. This significantly helps in the elucidation of molecular structure, identifying functional groups, etc. Principle of Raman Spectroscopy Raman spectroscopy is based on the inelastic scattering of electromagnetic radiation with the molecule. We have two types of scattering that are elastic and inelastic scattering.  Elastic scattering obeys the Rayleigh law that states that there will be no loss of energy and momentum of the incidence radiation and scattered radiation. That's why this scattering is also known as Rayleigh scattering. Whereas, there will be some conditions (1 in million
Read more