w3af
framework to find and exploit web application vulnerabilities (CLI only)
Install
- All systems
-
curl cmd.cat/w3af.sh
- Debian
-
apt-get install w3af-console
- Ubuntu
-
apt-get install w3af-console
- Windows (WSL2)
-
sudo apt-get update
sudo apt-get install w3af-console
- Raspbian
-
apt-get install w3af-console
- Dockerfile
- dockerfile.run/w3af
w3af-console
framework to find and exploit web application vulnerabilities (CLI only)
w3af is a Web Application Attack and Audit Framework which aims to identify and exploit all web application vulnerabilities. This package provides a command line interface (CLI) only. The graphical user interface (GUI) is provided by the package w3af. The framework has been called the "metasploit for the web", but it's actually much more than that, because it also discovers the web application vulnerabilities using black-box scanning techniques! The w3af core and it's plugins are fully written in Python. The project has more than 130 plugins, which identify and exploit SQL injection, cross site scripting (XSS), remote file inclusion and more.