Using W3af for vulnerability assessment

In this recipe, we will learn how to use W3af to find vulnerabilities within a target web application. W3af is a web application attack and audit framework. The project's goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities.

Getting ready

To step through this recipe, you will need Kali Linux running on Oracle Virtualbox and an Internet connection. No other prerequisites are required.

How to do it...

For this recipe, you need to perform the following steps:

  1. Open the terminal and type w3af_gui; the w3af window will be as shown in the following screenshot:

  2. Select the OWASP_TOP10 option from the profile selector in the left-hand side ...

Get Kali Linux Intrusion and Exploitation Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.