Hi Team,
I am totally new to IRONwasp or any other web assessments,struck with couple of questions, thanks in advance
In the login record sequence, i hope i can record only username and password without CSRF, if yes when and what situation i need to use CSRF token ?
when i perform the scan the URL with ironWASP, what are the list of vulnerabilities i can cover ? can i have the list of vulnerabilities ?
Is the IRONwasp would cover the vulnerabilities like shellshock and Heardbleed ?
How updated is this or how frequent is this will get update, for example HTTP.sys remote code execution will also cover in this ?
Regards
winxlinx