Websecurify 0.6 beta Weaponry Development
4 views
Skip to first unread message
BoBeR182
May 20, 2010, 2:45:38 AM5/20/10
to Websecurify
what is it does it have to do with the inactive Exploit button
also how do you get the Exploit button to work
what does it do
can i add my own exploits like null byte uploads
and sql bypasses of username forms
also how do you get the Exploit button to work
what does it do
can i add my own exploits like null byte uploads
and sql bypasses of username forms
pdp
May 22, 2010, 1:06:37 PM5/22/10
to Websecurify
Good question. Websecurify is more than it seems. A lot of code has
bee put into place to make extension development a breeze. It is
actually quite easy for you add new exploits or whatever you fancy
under this menu and also easily integrated with the reports. For
example if the scanner encounters a SQL injection you can easily add
an exploit module to take advantage of the vulnerability. The built-in
exploit modules will come in future versions although there are
already a few private modules that can take advantage of SQL, XSS and
CSRF issues.
As for the documentation, it will be coming together around version
1.0 when the tool will be quite standardised. We are also thinking to
open an addon-ons network to all developers like you to post your
extensions so others can use them.
In summary, many exciting things are on their way and will materialise
very soon.
bee put into place to make extension development a breeze. It is
actually quite easy for you add new exploits or whatever you fancy
under this menu and also easily integrated with the reports. For
example if the scanner encounters a SQL injection you can easily add
an exploit module to take advantage of the vulnerability. The built-in
exploit modules will come in future versions although there are
already a few private modules that can take advantage of SQL, XSS and
CSRF issues.
As for the documentation, it will be coming together around version
1.0 when the tool will be quite standardised. We are also thinking to
open an addon-ons network to all developers like you to post your
extensions so others can use them.
In summary, many exciting things are on their way and will materialise
very soon.
BoBeR182
May 31, 2010, 12:27:59 AM5/31/10
to Websecurify
who has the private mods are they free or member only
Petko D. Petkov
May 31, 2010, 4:18:02 AM5/31/10
to webse...@googlegroups.com
some of them are part of the public source code repository but not compiled into the release binaries... some are private, i.e. I've got them locally. more will be released towards version 1.0 which we should reach quite rapidly.
Reply all
Reply to author
Forward
0 new messages