[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] [TOOL] w3af 1.0-rc5 release: Better, Stronger, Faster.



List,

Since our latest release back in November, the w3af team has focused
on making the framework better, stronger and faster. By downloading
this release you'll be able to enjoy new vulnerability checks, more
stable code and a about 15% performance boost in the overall speed of
your scan. Here's what's new:

   * Now using bloom filters instead of sqlite3 databases, which are
persistent on disk, effectively increasing scan performance by about
15%!
   * Fixed most of the bugs that cause w3afMustStopExceptions and
wrote debugging code to allow us to identify the remaining ones.
   * Based on many community requests we've updated our XML output
plugin and wrote an XSD file to help other tools parse the output from
our scanner.
   * Added new plugin to measure the number of hops for port 80 vs 443
and perform a comparison. Which is useful to identify load balancers,
reverse proxies and any other network appliances.

On top of that, we've also worked on writing unit tests and a
continuous integration system (thanks go to Martin Mizrahi from the
NeXpose team for helping with this!) that we'll use for testing our
code each night. When we complete this task, we'll be able to deliver
high quality code on each release, with fewer bugs and no regressions.

As usual, you can find the download link on the www.w3af.com website,
where you're going to be able to find videos, users' guide and much
more.

PS: http://www.youtube.com/watch?v=K2cYWfq--Nw   (wait until second
57, there's where the fun begins)

Regards,
-- 
Andrés Riancho
Director of Web Security at Rapid7 LLC
Founder at Bonsai Information Security
Project Leader at w3af

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/