
w3af

I've just finished coding a WordPress version fingerprinting plugin for w3af, so I thought I'd let you all know what w3af is and how you can contribute too.


w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.



Any serious security professional should have w3af in their tool kit: w3af can discover, evade, audit and exploit web application vulnerabilities.


The plugin I developed (wordpress_fingerprint) scans WordPress installations for their version. It does this by first checking that WordPress is installed; if it is, it checks whether the version is in the index header source code and then goes through a list of fingerprinting data. The plugin will find the version even if there is a security plugin installed.
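The three-step flow described above, sketched as a self-audit of what a captured index page discloses. This is an added example, not the wordpress_fingerprint plugin's code or any w3af API; the function name `audit_index`, the sample pages and the fingerprint table are constructed for illustration.

```python
import re
from html.parser import HTMLParser

VERSION_RE = re.compile(r"WordPress\s+(\d+(?:\.\d+){1,2})", re.I)
WP_PATHS = ("/wp-content/", "/wp-includes/")  # directories WordPress core links to

class GeneratorFinder(HTMLParser):
    """Collects the content of every <meta name="generator"> tag."""
    def __init__(self):
        super().__init__()
        self.generators = []

    def handle_starttag(self, tag, attrs):
        a = {k.lower(): (v or "") for k, v in attrs}
        if tag == "meta" and a.get("name", "").lower() == "generator":
            self.generators.append(a.get("content", ""))

def audit_index(html, fingerprints=()):
    """Report whether an index page looks like WordPress and what version it leaks."""
    finder = GeneratorFinder()
    finder.feed(html)
    result = {"installed": False, "version": None, "source": None}
    # Step 1: is WordPress present at all?
    wp_generator = any("wordpress" in g.lower() for g in finder.generators)
    if not (wp_generator or any(p in html for p in WP_PATHS)):
        return result
    result["installed"] = True
    # Step 2: version stated in the page header.
    for g in finder.generators:
        m = VERSION_RE.search(g)
        if m:
            result.update(version=m.group(1), source="generator meta tag")
            return result
    # Step 3: fall back to fingerprint data (marker string -> version).
    for marker, version in fingerprints:
        if marker in html:
            result.update(version=version, source="fingerprint data")
            return result
    return result

# Constructed sample data, not real WordPress fingerprints.
SAMPLE_FINGERPRINTS = [("constructed-marker-a", "2.7.1"), ("constructed-marker-b", "2.8")]
PAGE_WITH_GENERATOR = '<html><head><meta name="generator" content="WordPress 2.7.1" /></head></html>'
PAGE_HARDENED = ('<html><head><link rel="stylesheet" href="/wp-content/themes/x/style.css">'
                 '</head><body><!-- constructed-marker-b --></body></html>')
PAGE_OTHER = "<html><head><title>Static site</title></head></html>"

if __name__ == "__main__":
    for page in (PAGE_WITH_GENERATOR, PAGE_HARDENED, PAGE_OTHER):
        print(audit_index(page, SAMPLE_FINGERPRINTS))
```

The second sample page has no generator tag yet still reports a version through the fallback step, which is why removing the tag alone does not hide the version.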


To contribute to w3af:

Mailing list: http://sourceforge.net/mail/?group_id=170274

IRC channel: irc://irc.freenode.net:8001/w3af

Download: http://sourceforge.net/projects/w3af/


A big thanks to Andres Riancho for a great tool and for helping me develop the plugin.

Posted on 8 June, 2009 by admin
