My queries before start using ironWASP

35 views
Skip to first unread message

winx...@gmail.com

unread,
Apr 27, 2015, 3:56:58 AM4/27/15
to iron...@googlegroups.com

Hi Team, 

I am totally new to IRONwasp or any other web assessments,struck with couple of questions, thanks in advance 

In the login record sequence, i hope i can record only username and password without CSRF, if yes when and what situation i need to use CSRF token ? 

when i perform the scan the URL with ironWASP, what are the list of vulnerabilities i can cover ? can i have the list of vulnerabilities ?

Is the IRONwasp would cover the vulnerabilities like shellshock and Heardbleed ? 

How updated is this or how frequent is this will get update, for example HTTP.sys remote code execution will also cover in this ?

Regards
winxlinx
Reply all
Reply to author
Forward
0 new messages