Lucene search
K
W3afMost viewed

145 matches found

w3af
w3af
•added 2013/06/10 11:2 p.m.•17 views

lang

This plugin reads N pages and determines the language the site is written in. This is done by saving a list of prepositions in different languages, and counting the number of matches on every page. Plugin type Grep Options This plugin doesnt have any user configured options. Source For more...

7AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•17 views

wsdl_greper

This plugin greps every page for WSDL definitions. Not all wsdls are found appending "?WSDL" to the url like crawl.wsdlfinder plugin does, this grep plugin will find some wsdls that arent found by the crawl plugin. Plugin type Grep Options This plugin doesnt have any user configured options. Sour...

Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•17 views

sed

This plugin is a stream editor for web requests and responses. Three configurable parameters exist: priority expressions fixContentLen Stream edition expressions are strings that tell the sed plugin what to change. Sed plugin uses regular expressions, some examples: qh/User/NotLuser/ This will ma...

7.3AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•17 views

full_width_encode

This evasion plugin does full width encoding as described here: http://www.kb.cert.org/vuls/id/739224 Example: Input: /bar/foo.asp Output : /b%uFF61r/%uFF66oo.asp Plugin type Evasion Options This plugin doesnt have any user configured options. Source For more information about this plugin and the...

0.2AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•16 views

content_negotiation

This plugin uses HTTP content negotiation to find new resources. The plugin has three distinctive phases: Identify if the web server has content negotiation enabled. For every resource found by any other plugin, perform a request to find new related resources. For example, if another plugin finds...

7.1AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•16 views

sitemap_xml

This plugin searches for the sitemap.xml file, and parses it. The sitemap.xml file is used by the site administrator to give the Google crawler more information about the site. By parsing this file, the plugin finds new URLs and other useful information. Plugin type Crawl Options This plugin does...

7.1AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•16 views

server_header

This plugin GETs the server header and saves the result to the knowledge base. Nothing strange, just do a GET request to the url and save the server headers to the kb. A smarter way to check the server type is with the hmap plugin. Plugin type Infrastructure Options This plugin doesnt have any us...

Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•16 views

symfony

This plugin greps every page for traces of the Symfony framework and the lack of CSRF protection. Plugin type Grep Options Name | Type | Default Value | Description | Help ---|---|---|---|--- override | boolean | False | Skip symfony detection and search for the csrf misprotection. | No detailed...

7.3AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•16 views

response_splitting

This plugin will find response splitting vulnerabilities. The detection is done by sending "w3af\r\nVulnerable: Yes" to every injection point, and reading the response headers searching for a header with name "Vulnerable" and value "Yes". Plugin type Audit Options This plugin doesnt have any user...

0.1AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•16 views

rnd_path

This evasion plugin adds a random path to the URI. Example: Input: /bar/foo.asp Output : /aflsasfasfkn/../bar/foo.asp Plugin type Evasion Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source...

Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•16 views

wordpress_fingerprint

This plugin finds the version of a WordPress installation by fingerprinting it. It first checks whether or not the version is in the index header and then it checks for the "real version" through the existance of files that are only present in specific versions. Plugin type Crawl Options This...

0.2AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•16 views

error_500

This plugin greps every page for error 500 pages that havent been caught by other plugins. By enabling this, you are enabling a "safety net" that will catch all interesting HTTP responses which might lead to a bug or vulnerability. Plugin type Grep Options This plugin doesnt have any user...

7.1AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•15 views

feeds

This plugin greps every page and finds rss, atom, opml feeds on them. This may be usefull for determining the feed generator and with that, the framework being used. Also this will be helpful for testing feed injection. Plugin type Grep Options This plugin doesnt have any user configured options...

7.5AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•15 views

ssi

This plugin finds server side include SSI vulnerabilities. Plugin type Audit Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to understand exactly whats under the hood: Plugin source...

0.3AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•15 views

finger_google

This plugin finds mail addresses in google. Two configurable parameters exist: resultlimit fastsearch If fastsearch is set to False, this plugin searches google for : "@domain.com", requests all search results and parses them in order to find new mail addresses. If the fastsearch configuration...

7AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•15 views

rnd_case

This evasion plugin changes the case of random letters. Example: Input: /bar/foo.asp Output : /BAr/foO.Asp Plugin type Evasion Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to...

7.2AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•15 views

os_commanding

This plugin will find OS commanding vulnerabilities. The detection is performed using two different techniques: Time delays Writing a known file to the HTML output With time delays, the plugin sends specially crafted requests that, if the vulnerability is present, will delay the response for 5...

Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•15 views

preg_replace

This plugin will find pregreplace vulnerabilities. This PHP function is vulnerable when the user can control the regular expression or the content of the string being analyzed and the regular expression has the e modifier. Right now this plugin will only find pregreplace vulnerabilities when PHP ...

0.1AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•14 views

oracle

This plugin greps every page for oracle messages, versions, etc. Plugin type Grep Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to understand exactly whats under the hood: Plugin...

7.2AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•14 views

get_emails

This plugin greps every page for emails, these can be used in other places, like bruteforce plugins, and are of great value when doing a complete information security assessment. Plugin type Grep Options Name | Type | Default Value | Description | Help ---|---|---|---|--- onlytargetdomain | boole...

7.2AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•14 views

email_report

This plugin sends short report only vulnerabilities by email to specified addresses. There are some configurable parameters: smtpServer smtpPort toAddrs fromAddr Plugin type Output Options Name | Type | Default Value | Description | Help ---|---|---|---|--- smtpServer | string | localhost | SMTP...

7.2AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•14 views

strange_http_codes

Analyze HTTP response codes sent by the remote web application and report uncommon findings. Plugin type Grep Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to understand exactly...

0.1AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•14 views

user_dir

This plugin will try to find user home directories based on the knowledge gained by other plugins, and an internal knowledge base. For example, if the target URL is: http://test/ And other plugins found this valid email accounts: email protected email protected This plugin will request:...

7.2AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•14 views

dot_net_errors

Request specially crafted URLs that generate ASP.NET errors in order to gather information like the ASP.NET version. Some examples of URLs that generate errors are: default|.aspx default.aspx Plugin type Infrastructure Options This plugin doesnt have any user configured options. Source For more...

7.2AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•14 views

html_file

This plugin writes the framework messages to an HTML report file. Two configurable parameters exist: outputfile verbose If you want to write every HTTP request/response to a text file, you should use the textfile plugin. Plugin type Output Options Name | Type | Default Value | Description | Help...

7AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•14 views

xssed_dot_com

This plugin searches the xssed.com database and parses the result. The information stored in that database is useful to know about previous XSS vulnerabilities in the target website. Plugin type Infrastructure Options This plugin doesnt have any user configured options. Source For more informatio...

6.3AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•13 views

html_comments

This plugin greps every page for HTML comments, special comments like the ones containing the words "password" or "user" are specially reported. Plugin type Grep Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests,...

Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•13 views

digit_sum

This plugin tries to find new URLs by changing the numbers that are present on it. Two configurable parameters exist: fuzzImages maxDigitSections An example will clarify what this plugin does, lets suppose that the input for this plugin is: http://host.tld/index1.asp This plugin will request:...

7.4AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•13 views

url_session

This plugin finds URLs which contain a parameter that stores the session ID. This configuration leaves the session id exposed in browser and server logs, and is also leaked through the HTTP referrer header. Plugin type Grep Options This plugin doesnt have any user configured options. Source For...

0.3AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•12 views

user_defined_regex

This plugin greps every response for a user defined regex. You can specify a single regex or an entire file of regexes each line one regex, if both are specified, the singleregex will be added to the list of regular expressions extracted from the file. A list of example regular expressions can be...

7.1AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•12 views

find_jboss

This plugin identifies JBoss installation directories and possible security vulnerabilities. Plugin type Infrastructure Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to understand...

7.3AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•12 views

wordpress_fullpathdisclosure

This plugin try to find the path in the server where WordPress is installed. Plugin type Crawl Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to understand exactly whats under the...

0.2AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•11 views

oracle_discovery

This plugin retrieves Oracle Application Server URLs and extracts information available on them. Plugin type Crawl Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to understand exact...

0.2AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•11 views

dot_listing

This plugin searches for the .listing file in all the directories and subdirectories that are sent as input and if found it will try to discover new URLs from its content. The .listing file holds information about the list of files in the current directory. These files are created when download...

7.3AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•11 views

favicon_identification

This plugin identifies software version using favicon.ico file. It checks MD5 of favicon against the MD5 database of favicons. See also: http://www.owasp.org/index.php/Category:OWASPFaviconDatabaseProject http://kost.com.hr/favicon.php Plugin type Infrastructure Options This plugin doesnt have an...

7.2AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•11 views

phishing_vector

This plugins finds phishing vectors in web applications, for example, a bug of this type is found if I request the URL "http://site.tld/asd.asp?info=http://attacker.tld" and in the response HTML the web application sends: … iframe src="http://attacker.tld" …. Plugin type Audit Options This plugin...

6.9AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•10 views

blank_body

This plugin finds HTTP responses with a blank body, these responses may indicate errors or misconfigurations in the web application or the web server. Plugin type Grep Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated...

7.1AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•10 views

code_disclosure

This plugin greps every page in order to find code disclosures. Basically it greps for ?.? and %.% using the re module and reports findings. Code disclosures are usually generated due to web server misconfigurations, or wierd web application "features". Plugin type Grep Options This plugin doesnt...

7.4AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•9 views

reversed_slashes

This evasion plugin changes the slashes from / to \ . Example: Input: /bar/foo.asp Output : \bar\foo.asp Plugin type Evasion Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to...

7.1AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•9 views

dom_xss

This plugin greps every page for traces of DOM XSS. An interesting paper about DOM XSS can be found here: http://www.webappsec.org/projects/articles/071105.shtml Plugin type Grep Options This plugin doesnt have any user configured options. Source For more information about this plugin and the...

Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•9 views

format_string

This plugin finds format string bugs. Users have to know that detecting a format string vulnerability will be only possible if the server is configured to return errors, and the application is developed in cgi-c or some other language that allows the programmer to do this kind of mistakes. Plugin...

7AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•9 views

ssn

This plugins scans every response page to find the strings that are likely to be the US social security numbers. Plugin type Grep Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to...

7.2AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•9 views

export_requests

This plugin exports all discovered HTTP requests URL, Method, Params to the given file CSV which can then be imported in another scan by using the crawl.importresults. One configurable parameter exists: outputfile Plugin type Output Options Name | Type | Default Value | Description | Help...

0.1AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•8 views

file_upload

This plugin greps every page for forms with file upload capabilities. Plugin type Grep Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to understand exactly whats under the hood:...

0.1AI score
Exploits0
w3af
w3af
•added 2013/06/10 11:2 p.m.•8 views

import_results

This plugin serves as an entry point for the results of other tools that identify URLs. The plugin reads from different input files and directories and creates the fuzzable requests which are needed by the audit plugins. Two configurable parameter exist: inputcsv inputburp One or more of these ne...

Exploits0
Total number of security vulnerabilities145