w3af
Tr4c3推荐
w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. This project is currently hosted at SourceForge . For further information, you may also want to visit w3af SourceForge project page .
If you are here just to “take a look” these screenshots and videos will show you what w3af can do:
- OS commanding detection and exploit (console user interface) – Screenshot
- OS commanding and DAV misconfiguration detection and exploit (console user interface) – Screenshot
- Blind SQL Injection exploit (console user interface) – Screenshot
- OS commanding detection and exploit (pyGTK user interface) – Video
