
Slide 1: w3af
LUCA ALEXANDRA ADELA – MISS 1

Slide 2: w3af
- Web Application Attack and Audit Framework
- Secures web applications by finding and exploiting web application vulnerabilities
- Developed in Python and licensed under GPLv2.0
- Runs either from the command line or from a GUI
- Created in 2006; the project is led by Andres Riancho
- Vulnerabilities are identified using plugins that send specially crafted HTTP requests to detect errors and misconfigurations
- Identifies more than 200 vulnerabilities

Slide 3: Features
- Parsing
  - The framework tries to parse and extract links and forms from any HTML found during the crawling phase
  - Support for various encodings and broken HTML tags is built in
- Output Manager
  - Console
  - Text, CSV, HTML and XML files
  - Sent by email
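The parsing feature on this slide is the heart of any crawl plugin: links and forms have to be recovered even from HTML that is missing quotes, closing tags or a `</form>`. The following is an added example, not code from w3af, showing how such a tolerant extractor can be built on Python's standard-library `html.parser` (which is itself lenient with broken markup). The sample page and the base URL `http://photos.example/gallery/index.php` are constructed for the example; `LinkFormExtractor` and `extract` are names chosen here, not w3af APIs. For a defender, the same extractor is a quick way to inventory every link target and form input an application exposes, so that each can be checked for input validation.

```python
"""Added example (not w3af's own code): a tolerant link and form extractor
of the kind a crawl plugin needs. Standard library only; the sample HTML
below is constructed and deliberately contains broken markup."""
from html.parser import HTMLParser
from urllib.parse import urljoin, urldefrag

# Constructed sample page: unquoted attributes, upper-case tags, a missing </a>,
# an unterminated <form>, plus fragment-only and javascript: links a crawler must skip.
SAMPLE_HTML = """
<html><body>
<a href=/photos/list.php?album=3>Album</a>
<A HREF="../admin/login.php">Admin
<a href="#top">top</a>
<a href="javascript:void(0)">noop</a>
<form action="upload.php" method=POST>
  <input type="file" name="photo">
  <input type=hidden name="csrf" value="abc">
  <textarea name="caption"></textarea>
  <input type="submit" value="Go">
<div>unclosed div
<form>  <!-- no action/method: defaults to the current URL and GET -->
  <input name="q">
</form>
</body>
"""


class LinkFormExtractor(HTMLParser):
    """Collects absolute link URLs and form descriptions from (possibly broken) HTML."""

    def __init__(self, base_url):
        super().__init__(convert_charrefs=True)
        self.base_url = base_url
        self.links = []   # absolute URLs in document order, deduplicated
        self.forms = []   # dicts: {"action", "method", "inputs"}
        self._current_form = None

    def _absolute(self, href):
        """Resolve href against the page URL; drop fragments and non-HTTP schemes."""
        href = href.strip()
        if not href or href.startswith("#"):
            return None
        if href.lower().startswith(("javascript:", "mailto:", "data:")):
            return None
        url, _fragment = urldefrag(urljoin(self.base_url, href))
        return url or None

    def handle_starttag(self, tag, attrs):
        # html.parser already lower-cases names; a missing value becomes ""
        attrs = {k.lower(): (v if v is not None else "") for k, v in attrs}
        if tag == "a":
            url = self._absolute(attrs.get("href", ""))
            if url and url not in self.links:
                self.links.append(url)
        elif tag == "form":
            # A new <form> implicitly closes a previous one that never got its </form>
            self._finish_form()
            self._current_form = {
                "action": self._absolute(attrs.get("action", "")) or self.base_url,
                "method": attrs.get("method", "get").upper(),
                "inputs": [],
            }
        elif tag in ("input", "textarea", "select") and self._current_form is not None:
            name = attrs.get("name")
            # Submit buttons are not user-controlled input, so they are not recorded
            if name and attrs.get("type", "").lower() != "submit":
                self._current_form["inputs"].append(name)

    def handle_endtag(self, tag):
        if tag == "form":
            self._finish_form()

    def _finish_form(self):
        if self._current_form is not None:
            self.forms.append(self._current_form)
            self._current_form = None

    def close(self):
        super().close()
        self._finish_form()   # flush a form left open at end of document


def extract(html, base_url):
    """Parse `html` fetched from `base_url`; returns (links, forms)."""
    parser = LinkFormExtractor(base_url)
    parser.feed(html)
    parser.close()
    return parser.links, parser.forms


if __name__ == "__main__":
    links, forms = extract(SAMPLE_HTML, "http://photos.example/gallery/index.php")
    for url in links:
        print("link", url)
    for form in forms:
        print("form", form["method"], form["action"], form["inputs"])
```

Running the block lists two crawlable links (the relative `../admin/login.php` is resolved against the page directory) and two forms: the unterminated POST form with inputs `photo`, `csrf` and `caption`, and the bare `<form>` whose action defaults to the current page with method GET.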

Slide 4: Fast HTTP Client
- Proxy support
- HTTP Basic and Digest authentication
- User-Agent faking
- Custom headers added to requests
- Cookie handling
- DNS cache

Slide 5: Fuzzing engine
w3af can inject payloads into the following parts of an HTTP request:
- Query string
- POST data
- Headers
- Cookie values
- URL path
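The five locations on this slide are the "injection points" a fuzzing engine enumerates before it substitutes test strings. The following added example (not w3af code) parses a raw HTTP request and lists every such point with its current value, so a defender can see exactly which inputs a scanner will exercise and confirm that server-side validation covers all of them, including cookies and path segments, which are often forgotten. The captured request, the host `photos.example` and the function names `parse_request` and `injection_points` are constructed for this example; headers that frame the message (Host, Content-Length, Content-Type) are skipped, as a scanner would normally leave them intact.

```python
"""Added example (not w3af's own code): enumerate the parts of an HTTP request
that a fuzzing engine treats as injection points: query string, POST data,
headers, cookie values and URL path segments. Standard library only."""
from http.cookies import SimpleCookie
from urllib.parse import urlsplit, parse_qsl

# Constructed sample request, as a browser would send it to a photo-sharing app.
RAW_REQUEST = (
    "POST /gallery/album/12/comment.php?sort=desc&page=2 HTTP/1.1\r\n"
    "Host: photos.example\r\n"
    "User-Agent: Mozilla/5.0\r\n"
    "Cookie: PHPSESSID=abc123; theme=dark\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "Content-Length: 24\r\n"
    "\r\n"
    "text=nice+photo&rating=5"
)

# Headers that frame the message; altering them breaks the request rather than testing the app
SKIP_HEADERS = {"host", "content-length", "content-type", "cookie"}


def parse_request(raw):
    """Split a raw request into (method, target, [(header, value)], body)."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = []
    for line in header_lines:
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return method, target, headers, body


def injection_points(raw):
    """Return a list of (location, name, current_value) tuples, one per mutable input."""
    method, target, headers, body = parse_request(raw)
    parts = urlsplit(target)
    points = []

    # 1. Query string parameters
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        points.append(("query", name, value))

    # 2. POST data (only form-encoded bodies are split into parameters here)
    if method in ("POST", "PUT", "PATCH"):
        content_type = next((v for n, v in headers if n.lower() == "content-type"), "")
        if content_type.startswith("application/x-www-form-urlencoded"):
            for name, value in parse_qsl(body, keep_blank_values=True):
                points.append(("post", name, value))

    # 3. Headers and 4. individual cookie values
    for name, value in headers:
        if name.lower() == "cookie":
            jar = SimpleCookie()
            jar.load(value)
            for cookie_name, morsel in jar.items():
                points.append(("cookie", cookie_name, morsel.value))
        elif name.lower() not in SKIP_HEADERS:
            points.append(("header", name, value))

    # 5. URL path: each non-empty segment is a separate point
    for index, segment in enumerate(parts.path.split("/")[1:]):
        if segment:
            points.append(("path", f"segment[{index}]", segment))
    return points


if __name__ == "__main__":
    for location, name, value in injection_points(RAW_REQUEST):
        print(f"{location:7} {name:12} = {value!r}")
```

For the sample request the block reports eleven points: two query parameters, two POST fields (note that `nice+photo` is decoded to `nice photo`, so a validator must operate on the decoded value), two cookies, the User-Agent header and four path segments. Multipart or JSON bodies would need their own splitter; the form-encoded case is the one the slide's `POST-data` item most commonly refers to.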

Slide 6: w3af
- Scanning process
  1. Identify all links, forms and query string parameters (crawl plugins, e.g. web_spider)
  2. Send specially crafted strings to each input and analyze the output (audit plugins, e.g. sqli)
  3. Generate a report with the findings (output plugins, e.g. xml_file)
- w3af's architecture
  - The core, which coordinates the whole process and provides libraries for use in plugins
  - The user interfaces, which allow the user to configure and start scans
  - The plugins, which find links and vulnerabilities

Slide 7: Plugin categories
- Audit: Audit plugins use the knowledge created by crawl plugins to find vulnerabilities
- Auth: Auth plugins make it possible to scan web applications protected by authentication. They perform the login at the beginning of the scan and the logout at the end
- Bruteforce: Bruteforce plugins automatically locate login forms found during crawling and brute-force them using the knowledge gathered about the remote web application
- Crawl: Crawl plugins use different techniques to identify new URLs, forms and any other resource that might be of use during the audit and bruteforce phases
- Evasion: Evasion plugins modify requests in order to bypass IPS detection

Slide 8: Plugin categories
- Grep: Grep plugins analyze every request and response in order to find errors, cookies, e-mail addresses, comments and much more information about the target web application
- Infrastructure: Infrastructure plugins use different techniques to identify the remote operating system, web server, web application firewalls, remote users and any other information that is related to the target web application but is not in its source code
- Mangle: Mangle plugins modify requests on the fly
- Output: Output plugins allow the user to configure how the framework is going to show its results
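Grep plugins are passive: they never send anything extra, they only read every response that the crawl and audit phases already produced. The added example below (not w3af code) shows the shape of such a plugin as a set of regular expressions run over each response body, flagging e-mail addresses, HTML comments, database error strings and leaked filesystem paths. The four sample responses and the `photos.example` host are constructed; `grep_response`, `grep_all` and the `CHECKS` table are names chosen for this example. The same pass is useful on the defending side as a pre-release check for information leakage in an application's own pages.

```python
"""Added example (not w3af's own code): a grep-style pass over HTTP responses
that flags information leakage a passive plugin looks for. Sample responses
are constructed; only the standard library is used."""
import re

# Constructed sample responses: (url, body) pairs as a crawl would have collected them
SAMPLE_RESPONSES = [
    ("http://photos.example/index.php",
     "<html><!-- TODO: remove debug panel before release --><body>Welcome</body></html>"),
    ("http://photos.example/contact.php",
     "<p>Write to admin@photos.example or webmaster@photos.example</p>"),
    ("http://photos.example/album.php?id=x",
     "Warning: mysql_fetch_array() expects parameter 1 to be resource, "
     "boolean given in /var/www/album.php on line 42"),
    ("http://photos.example/static/app.js",
     "var x = 1; // plain script, nothing to report"),
]

# Each check is a regex; a capturing group, when present, narrows the reported evidence
CHECKS = {
    "email": re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
    "html_comment": re.compile(r"<!--(.*?)-->", re.S),
    "db_error": re.compile(
        r"(mysql_fetch_array|You have an error in your SQL syntax|ORA-\d{5}|pg_query\(\))"),
    "path_disclosure": re.compile(r"(?:/var/www|/home/\w+|/usr/local)[^\s\"'<]*"),
}


def grep_response(url, body):
    """Run every check over one response body; returns a list of finding dicts."""
    findings = []
    for kind, pattern in CHECKS.items():
        for match in pattern.finditer(body):
            evidence = match.group(1) if match.groups() else match.group(0)
            findings.append({"url": url, "kind": kind, "evidence": evidence.strip()})
    return findings


def grep_all(responses):
    """Apply grep_response to every (url, body) pair, keeping document order."""
    findings = []
    for url, body in responses:
        findings.extend(grep_response(url, body))
    return findings


if __name__ == "__main__":
    for finding in grep_all(SAMPLE_RESPONSES):
        print(f"{finding['kind']:16} {finding['url']}  ->  {finding['evidence']}")
```

On the sample set the block reports five findings: one developer comment, two e-mail addresses, one MySQL error string and the absolute path `/var/www/album.php` that the same error message leaks. The JavaScript file produces nothing, which is the expected result for a clean response. Real grep plugins keep a much longer list of error signatures and deduplicate repeated findings across pages; both are straightforward extensions of the `CHECKS` table and `grep_all`.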

Slide 9: Tools
- Manual Requests: this tool lets you write and send HTTP requests.
- Fuzzy Requests: this tool lets you create multiple HTTP requests in an easy and controllable way.
- Encode and Decode: this tool lets you apply many encoding and decoding functions to the text you choose.
- Comparing HTTP traffic: with this tool you can compare different requests and responses.

Slide 10: Case study
- Virtualization: Oracle VM VirtualBox
- OS: Kali Linux 1.0.9 (64-bit)
- Web vulnerability scanner: w3af
- Web application: photo sharing website (LAMP)

Slide 11: Sources
- http://w3af.org/
- http://sectools.org/tag/web-scanners/
- http://www.kali.org/
- https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project
