
W3AF|null


  1. Web Application Attack and Audit Framework
     By Prajwal Panchmahalkar
  2. w3af is a well-known web application attack and audit framework.
       • Very similar in design to the Metasploit Framework, but aimed at web applications.
     w3af combines all the actions needed for a complete web attack:
       • Mapping
       • Discovery
       • Exploitation
     This divides the framework into three major plugin types.
  3. Web service support.
     Exploits for:
       • SQL injection (blind)
       • OS commanding
       • Remote file inclusion
       • Local file inclusion
       • XSS, and more
     Good harmony among the plugins: the output of one plugin type is the input of the next.
  4. Discovery plugins
       • Find URLs
       • Find injection points
     Audit plugins
       • Use the injection points found above
       • Send crafted data to find vulnerabilities
     Exploit plugins
       • Exploit the vulnerabilities found
       • Return SQL dumps or a remote shell
  7. Discovery plugins: find all the URLs
       • Create a fuzzable request (a URL plus its injection points) for each of them
     Plugins:
       • WebSpider
       • URL fuzzer
       • Pykto
       • GoogleFuzzer
  8. Audit plugins: take the discovery plugins' output (the fuzzable requests) and test every injection point for their own vulnerability class
       • SQL injection (blind)
       • XSS
       • Buffer overflow
       • Response splitting
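The discovery-to-audit hand-off described on slides 4, 7 and 8, as an added example written for this page; it is not code from w3af or from the slide author. It is in Python because w3af itself is written in Python. Everything in it is constructed: the host name target.test, the deliberately vulnerable in-memory SQLite "site" served by fake_server(), the marker payload and the two audit checks. discover() stands in for a spider such as WebSpider and turns every URL with parameters into a FuzzableRequest; audit_xss() and audit_blind_sqli() mutate those parameters and judge the responses, the latter with the TRUE/FALSE page comparison that boolean-based blind SQL injection detection relies on.

```python
"""Added example (not w3af code): the discovery -> audit hand-off in miniature.
Target host, pages, payloads and the vulnerable server are all constructed here."""
import re
import sqlite3
from dataclasses import dataclass
from urllib.parse import parse_qsl, urlencode, urljoin, urlsplit, urlunsplit

# ---- constructed target: a deliberately vulnerable in-memory "site" ------------
_db = sqlite3.connect(":memory:")
_db.execute("CREATE TABLE products (id INTEGER, name TEXT)")
_db.executemany("INSERT INTO products VALUES (?, ?)", [(1, "anvil"), (2, "rocket")])

STATIC_PAGES = {  # path -> HTML; the links are what the spider follows
    "/": '<a href="/product?id=1">anvil</a> <a href="/search?q=test">search</a> <a href="/about">about</a>',
    "/about": "<p>About us</p>",
}


def fake_server(url):
    """Return (status, body). /search reflects q unescaped; /product concatenates id into SQL."""
    parts = urlsplit(url)
    q = dict(parse_qsl(parts.query, keep_blank_values=True))
    if parts.path == "/search":
        return 200, f"<h1>Results for {q.get('q', '')}</h1>"
    if parts.path == "/product":
        try:  # string concatenation is the injection the audit plugin should find
            rows = _db.execute(f"SELECT name FROM products WHERE id = {q.get('id', '0')}").fetchall()
        except sqlite3.Error as exc:
            return 500, f"Database error: {exc}"
        return 200, "".join(f"<li>{name}</li>" for (name,) in rows) or "<p>no such product</p>"
    if parts.path in STATIC_PAGES:
        return 200, STATIC_PAGES[parts.path]
    return 404, "not found"


# ---- discovery ---------------------------------------------------------------
@dataclass(frozen=True)
class FuzzableRequest:
    """A URL whose query parameters are the injection points an audit plugin may mutate."""
    url: str

    def params(self):
        return dict(parse_qsl(urlsplit(self.url).query, keep_blank_values=True))

    def mutate(self, name, value):
        """The same URL with one parameter replaced by an attacker-chosen value."""
        mutated = {**self.params(), name: value}
        return urlunsplit(urlsplit(self.url)._replace(query=urlencode(mutated)))


def discover(base, fetch):
    """Crawl same-host links from base; return one FuzzableRequest per parameterised URL."""
    host, seen, queue, found = urlsplit(base).netloc, set(), [base], []
    while queue:
        url = queue.pop()
        if url in seen:
            continue
        seen.add(url)
        status, body = fetch(url)
        if status != 200:
            continue
        if urlsplit(url).query:
            found.append(FuzzableRequest(url))
        for href in re.findall(r'href="([^"]+)"', body):
            target = urljoin(url, href)
            if urlsplit(target).netloc == host:
                queue.append(target)
    return found


# ---- audit -------------------------------------------------------------------
def audit_xss(freq, fetch):
    """Reflected XSS: a marker containing angle brackets comes back in the body unencoded."""
    marker = "w3af<xss>marker"
    return [("xss", name) for name in freq.params()
            if marker in fetch(freq.mutate(name, marker))[1]]


def audit_blind_sqli(freq, fetch):
    """Boolean-based blind SQLi: a TRUE condition leaves the page unchanged, a FALSE one alters it."""
    _, baseline = fetch(freq.url)
    hits = []
    for name, value in freq.params().items():
        _, true_body = fetch(freq.mutate(name, f"{value} AND 1=1"))
        _, false_body = fetch(freq.mutate(name, f"{value} AND 1=2"))
        if true_body == baseline and false_body != baseline:
            hits.append(("blind_sqli", name))
    return hits


def run_scan(base, fetch=fake_server):
    """Discovery output feeds every audit plugin; returns sorted (vuln, parameter) pairs."""
    findings = []
    for freq in discover(base, fetch):
        findings += audit_xss(freq, fetch) + audit_blind_sqli(freq, fetch)
    return sorted(findings)


if __name__ == "__main__":
    for vuln, param in run_scan("http://target.test/"):
        print(f"{vuln} in parameter {param!r}")
```

Running it reports blind_sqli in parameter 'id' and xss in parameter 'q'. The point to notice is that neither audit check knows anything about the crawl: each receives injection points and a fetch function and nothing else, which is the "harmony" the slides describe, since discovery, audit and exploit plugins can be combined freely as long as they agree on the fuzzable request as the hand-off unit.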
  9. Grep plugins: inspect every HTTP request and response the scan has already made, without sending any extra requests
       • findComments
       • passwordProfiling
       • privateIP
       • directoryIndexing
       • getMails
       • lang
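How grep plugins such as findComments, privateIP, getMails and directoryIndexing fit into a scan, as an added example that is not w3af's code: every response the discovery and audit phases already fetched is passed through each plugin, so no new requests go out. The URLs, headers and bodies are constructed sample data; the regular expressions, the Content-Type filter and the finding tuples are this example's own choices, not w3af's internal format.

```python
"""Added example (not w3af code): grep-style passive plugins run over responses a scan has
already fetched.  All URLs, headers and bodies below are constructed sample data."""
import re
from ipaddress import ip_address

COMMENT_RE = re.compile(r"<!--(.*?)-->", re.S)
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
DIR_INDEX_RE = re.compile(r"<title>\s*Index of /", re.I)

# Constructed responses as (url, headers, body) triples, as a scan would have recorded them.
RESPONSES = [
    ("http://target.test/", {"Server": "Apache", "X-Backend-Node": "10.0.3.17"},
     "<html><!-- TODO: remove old admin link /admin_v1 before launch -->"
     "<p>Contact <a href='mailto:webmaster@target.test'>webmaster@target.test</a></p>"
     "<p>Cache nodes: 172.16.5.4, release 256.1.1.1</p></html>"),
    ("http://target.test/backup/", {"Server": "Apache"},
     "<html><title>Index of /backup</title><a href='db.sql.gz'>db.sql.gz</a></html>"),
    ("http://target.test/logo.png", {"Content-Type": "image/png"}, "\x89PNG 10.1.1.1 not text"),
]


def grep_find_comments(url, headers, body):
    """HTML comments often leak paths, credentials or TODOs meant for developers only."""
    return [("comment", url, c.strip()) for c in COMMENT_RE.findall(body) if c.strip()]


def grep_private_ip(url, headers, body):
    """Internal addresses leaking in headers or bodies; validated so 256.1.1.1 is not reported."""
    hits = set()
    for text in (body, *headers.values()):
        for candidate in IPV4_RE.findall(text):
            try:
                if ip_address(candidate).is_private:
                    hits.add(candidate)
            except ValueError:  # has the shape of an address but is not one
                pass
    return [("private_ip", url, ip) for ip in sorted(hits)]


def grep_get_mails(url, headers, body):
    """E-mail addresses: input for later password profiling or brute force."""
    return [("email", url, m) for m in sorted(set(EMAIL_RE.findall(body)))]


def grep_directory_indexing(url, headers, body):
    """A directory listing exposes every file in the directory, backups included."""
    return [("directory_indexing", url, "")] if DIR_INDEX_RE.search(body) else []


GREP_PLUGINS = [grep_find_comments, grep_private_ip, grep_get_mails, grep_directory_indexing]


def run_grep(responses, plugins=GREP_PLUGINS):
    """Every plugin sees every text response; nothing here sends a request."""
    findings = []
    for url, headers, body in responses:
        if not headers.get("Content-Type", "text/html").startswith("text/"):
            continue  # binary bodies only produce false positives
        for plugin in plugins:
            findings.extend(plugin(url, headers, body))
    return findings


if __name__ == "__main__":
    for kind, url, detail in run_grep(RESPONSES):
        print(f"{kind:18} {url}  {detail}")
```

Two details worth copying into a real plugin: candidate addresses are validated with ipaddress before being reported, so a string like 256.1.1.1 that merely looks like an address is dropped (is_private covers RFC 1918 plus the other IANA special-purpose ranges), and non-text responses are skipped because regexes over binary bodies mostly produce noise.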
 10. BruteForce plugins
       • Brute-force logins
     Evasion plugins
       • Modify requests to evade IDS detection
     Mangle plugins
       • Modify requests and responses based on regular expressions
     Output plugins
       • Write logs and reports
 11. Prajwal Panchmahalkar
     Team: Matriux, n|u
     [email_address]
 12. THANKS TO ALL
