Hello all, i always miss w3af into BT. It's very useful, it's growing fast, and it works fine.

We always install it manually, and i think it's handy to have it on the CD


w3af.sourceforge.net


The features list is big, these are just some of them:
(note they developed a metasploit-wrapper to use every feature into w3af)


Plugins

w3af provides the following plugins (this list could be outdated):
Audit
- SQL injection detection
- XSS detection
- SSI detection
- Local file include detection
- Remote file include detection
- Buffer Overflow detection
- Format String bugs detection
- OS Commanding detection
- Response Splitting detection
- LDAP Injection detection
- Basic Authentication bruteforce
- File upload inside webrot
- htaccess LIMIT misconfiguration
- SSL certificate validation
- XPATH injection detection
- unSSL (HTTPS documents can be fetched using HTTP)
- dav

Discovery
- Pykto, a nikto port to python
- Hmap, http fingerprinting.
- fingerGoogle, finds valid user accounts in google.
- googleSpider, a spider that uses google.
- webSpider, a classic web spider.
- robotsReader
- urlFuzzer
- serverHeader, fetches server header
- allowedMethods, gets a list of allowed HTTP methods.
- crossDomain, get and parse the flash file crossdomain.xml
- error404page, generate a regular expression to match 404 pages.
- sitemapReader, read googles sitemap.xml and parse it.
- spiderMan, using a localproxy and a human, find new URLs for auditing.
- webDiff, find differences between a local and a remote directory.
- wsdlFinder, find and parse WSDL and DISCO files.

Grep
- collectCookies
- directoryIndexing
- findComments
- pathDisclosure
- strangeHeaders
- grep for pages using ajax and report them
- domXss, find DOM cross site scripting vulnerabilities.
- errorPages, search for eror pages that are too descriptive.
- fileUpload, find forms with file upload capabilities.
- getMails
- http authentication detection
- objects detection
- privateIP disclosure detection
- wsdlGreper, greps every page searching for WSDL documents.

Output
- console
- htmlFile
- textFile

Mangle
- sed, a stream editor for HTTP requests and responses.

Evasion
- reversedSlashes
- rndCase
- rndHexEncode
- rndParam
- rndPath
- selfReference

Attack
- davShell
- fileUploadShell
- googleProxy
- localFileReader
- mysqlWebShell
- osCommandingShell
- remoteFileIncludeShell
- rfiProxy
- sqlmap
- xssBeef


cheers

eldraco