W3af S. Qi,X. Ma,Y. Zhang,B Zhao,Y Zhu EC521 Fall 2014.

Slides:

Advertisements

Similar presentations

12 October 2011 Andrew Brown IMu Technology EMu Global Users Group 12 October 2011 IMu Technology.

Advertisements

1 WebManager: Transforming a Network Management Application Into a Component-Based Framework Sauvé, Coutinho, Almeida, Souza, Duarte 2001.

© Nintendo Game Document Game Development - Spring

Firefox 2 Feature Proposal: Remote User Profiles TeamOne August 3, 2007 TeamOne August 3, 2007.

Penetration testing – W3AF Tool

The Open Grid Service Architecture (OGSA) Standard for Grid Computing Prepared by: Haoliang Robin Yu.

Ch 3 Usability page 1CS 368 Usability Models the authors compare three usability models and introduce their own “the extent to which a product can be used.

1 Software Reuse in Eclipse Kellie-Ann Smith Norgye Yuanyuan Song Xiang Yin Jia Xu.

Build a SharePoint App with Microsoft Access. About me.

L EC. 01: J AVA FUNDAMENTALS Fall Java Programming.

ECLIPSE IDE N AME : A SHOK P ADMARAJU C OURSE : T OPICS ON S OFTWARE E NGINEERING I NSTRUCTOR : D R. S ERGIU D ASCALU.

Team - CA CSCI 5234 Web Security.  Collect and document information of ecommerce security mechanisms.  Using: wiki engine for collaboration.

W3af LUCA ALEXANDRA ADELA – MISS 1. w3af  Web Application Attack and Audit Framework  Secures web applications by finding and exploiting web application.

EUROPEAN UNION Polish Infrastructure for Supporting Computational Science in the European Research Space Cracow Grid Workshop’10 Kraków, October 11-13,

Cloud Computing Introduction to China-cloud Project and Related Works in JSI Yi Liu Sino-German Joint Software Institute, Beihang Univ. May 2011.

CMPS 435 F08 These slides are designed to accompany Web Engineering: A Practitioner’s Approach (McGraw-Hill 2008) by Roger Pressman and David Lowe, copyright.

XP New Perspectives on The Internet, Sixth Edition— Comprehensive Tutorial 5 1 Downloading and Storing Data Using FTP and Other Services to Transfer and.

 Cloud computing  Workflow  Workflow lifecycle  Workflow design  Workflow tools : xcp, eucalyptus, open nebula.

The Collaborative Imaging Grid (CIG) Edward Marsh, Kurtis Heimerl, Andrew Urhausen, Paul Javid, Aneesa Awaludin, Austin Cargol.

Electrical and Computer Engineering Klaus Kristo Clem Leung Adam Frieden Chris Davidson Faculty: Professor Ramgopal Mettu Project: iPlanAhead Comprehensive.

DIRAC Web User Interface A.Casajus (Universitat de Barcelona) M.Sapunov (CPPM Marseille) On behalf of the LHCb DIRAC Team.

Duke University Program Design & Construction Course Application Development Tools Sherry Shavor

1 OpenSEA Alliance – Enabling Ubiquitous Secure Network Access | 9/15/2015 Opening Wireless Security at the Open1X Project Matthew Gast

1 WEB Engineering Introduction to Electronic Commerce COMM1Q.

Mobility for Kinetic Data Nasrin Azari Mobile Reach.

Smart Phone Laboratory ECEN 489 Srinivas Shakkottai.

W3af S. Qi,X. Ma,Y. Zhang,B Zhao,Y Zhu EC521 Fall 2014.

SCI-BUS is supported by the FP7 Capacities Programme under contract nr RI CloudBroker Platform integration into WS-PGRADE/gUSE Zoltán Farkas MTA.

Grid Initiatives for e-Science virtual communities in Europe and Latin America DIRAC TEAM CPPM – CNRS DIRAC Grid Middleware.

GSI 1.0 by A. Elmekati M. Zeghal Geotechnical System Identification Software Framework 8/20/07 Introducing.

STAC usage at Diamond Richard Fearn Software Engineer.

WordFreak A Language Independent, Extensible Annotation Tool.

INFSO-RI Module 01 ETICS Overview Alberto Di Meglio.

Ontology Engineering and Plugin Development with the NeOn Toolkit Plug-in Development for the NeOn Toolkit June 1st, 2008 Michael Erdmann, Peter Haase,

Chapter 7 IS630. Project Design  Technical Design & Specification Network and System Architecture & Design Software System Architecture & Design  Database.

Ch 1. A Python Q&A Session Spring Why do people use Python? Software quality Developer productivity Program portability Support libraries Component.

INFSO-RI Module 01 ETICS Overview Etics Online Tutorial Marian ŻUREK Baltic Grid II Summer School Vilnius, 2-3 July 2009.

IIM Intro What is IIM? An information delivery and management solution. IIM App iPad Client Integration IIM Services Interface IIM Web Account Payment.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Architectural pattern: Interceptor Source: POSA II pp 109 – 140POSA II Environment: developing frameworks that can be extended transparently Recurring.

Extending OSS with Mozilla: Creating a DND Look Up Extension for Mozilla Thunderbird.

MBL206 A First Look at the Microsoft Location Server (MLS) Steve Lombardi Technical Product Manager MapPoint Business Unit Microsoft Corporation.

CTP210 TERM PROJECT

Framework for the Creation of Digital Knowledge Resources to meet the Challenges for Digital Future: A Librarian’s Perspective Dr. Harish Chandra Librarian.

TPF Users Group Fall Conference Integrated Workstation Taskforce Requirements Document.

11 CORE Architecture Mauro Bruno, Monica Scannapieco, Carlo Vaccari, Giulia Vaste Antonino Virgillito, Diego Zardetto (Istat)

My App. Learning Objectives To understand what is meant by an App To learn about the technology used by Apps To learn about different mobile technologies.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Nick Draper Tessella Instrument Independent Reduction and Analysis at ISIS and SNS.

12 October 2011 Andrew Brown IMu Technology 2012 Australasian EMu Conference 11 September 2012 IMu Overview.

CSEM Experience with Community Modeling Tamas Gombosi.

Test a Little, Code a Little Colin Sharples IBM Global Services New Zealand Colin Sharples IBM Global Services New Zealand.

Mantid Manipulation and Analysis Toolkit for Instrument data.

NeOn Components for Ontology Sharing and Reuse Mathieu d’Aquin (and the NeOn Consortium) KMi, the Open Univeristy, UK

Tools Interoperability Workshop ICCS Issues Interchange Problems Solutions –Web services –IS architectures –Common projects –...

CRISP WP 17 1 / 2 Proposed Metadata Catalogue Architecture Document.

A tour of new features

Paths to a Reference Architecture for an Open Bio Grid Rick Stevens.

Andrés Riancho ariancho cybsec.com w3af – A framework to own the Web CanSecWest 2008 Vancouver, Canada.

XNAT 1.7: Getting Started 6 June, Introduction In this presentation we’ll discuss:  Features and functions in XNAT 1.7  Requirements  Installing.

Google App Engine. Contents Overview Getting Started Databases Inter-app Communications Modes.

ENOG13 Saint Petersburg Diego Luis Neto SW NL-ix.

June 1, 2008 Michael Erdmann, Peter Haase, Holger Lewen, Rudi Studer

The Open Grid Service Architecture (OGSA) Standard for Grid Computing

SEEM4570 Tutorial 1 Android SDK + XCode SDK +

Genome Workbench Chuong Huynh NIH/NLM/NCBI New Delhi, India

Process for Organising Software Development Activities

CMPE 135: Object-Oriented Analysis and Design March 14 Class Meeting

Travelers E-Agent Program

CS4540 Special Topics in Web Development Introduction to .NET

Presentation transcript:

W3af S. Qi,X. Ma,Y. Zhang,B Zhao,Y Zhu EC521 Fall 2014

w3af09/24/14 Outline  What is w3af?  Why we chose it?  Our Approaches  Evaluation

w3af09/24/14 What is w3af  Web application vulnerability scanner  2 main components  Core: Engine to coordinate, resource and features to be consumed  Plug-ins: Mechanism, performs tasks from different security perspective

w3af09/24/14 Why w3af  In Python!  Cross-platform  GUI and command-line interface  Framework: extensibility  Well documented  Online community

w3af09/24/14 Approaches  Setup and run  Deep understanding of architecture and core source  Choose experiment web apps  Collect results  Make the tutorial

w3af09/24/14 Evaluation  Compare with other framework  Ease of use?  Extensibility?

Photonics Presentation09/24/14 w3af