Where to download Extensions?
63 views
Skip to first unread message
Mano
Aug 25, 2011, 3:22:07 AM8/25/11
to Websecurify
Hi,
Websecurify seems good tool for security. We have planned to evaluate
this tool. But some of the features are not there.
I searched whole site. I did not find any Extensions, please let me
know where to download Extensions and how to install.
I have downloaded 0.8 and scanned http://localhost/, tool never thrown
CSRF attack.
Regards,
Mano
Websecurify seems good tool for security. We have planned to evaluate
this tool. But some of the features are not there.
I searched whole site. I did not find any Extensions, please let me
know where to download Extensions and how to install.
I have downloaded 0.8 and scanned http://localhost/, tool never thrown
CSRF attack.
Regards,
Mano
pdp
Sep 7, 2011, 3:56:43 PM9/7/11
to Websecurify
Hi Mano,
At the moment there are only a limited set of extensions most of which
are developed internally. However, as we approach version 1.0, which
is supposed to freeze the core code base, we will release more
documentation on how to contribute extensions.
Stay tuned. We are going to release 0.9 in the next couple of weeks.
pdp
On Aug 25, 8:22 am, Mano <sendtom...@gmail.com> wrote:
> Hi,
>
> Websecurify seems good tool for security. We have planned to evaluate
> this tool. But some of the features are not there.
>
> I searched whole site. I did not find any Extensions, please let me
> know where to download Extensions and how to install.
>
> I have downloaded 0.8 and scannedhttp://localhost/, tool never thrown
> CSRF attack.
>
> Regards,
> Mano
At the moment there are only a limited set of extensions most of which
are developed internally. However, as we approach version 1.0, which
is supposed to freeze the core code base, we will release more
documentation on how to contribute extensions.
Stay tuned. We are going to release 0.9 in the next couple of weeks.
pdp
On Aug 25, 8:22 am, Mano <sendtom...@gmail.com> wrote:
> Hi,
>
> Websecurify seems good tool for security. We have planned to evaluate
> this tool. But some of the features are not there.
>
> I searched whole site. I did not find any Extensions, please let me
> know where to download Extensions and how to install.
>
> CSRF attack.
>
> Regards,
> Mano
Eoin Keary
Sep 7, 2011, 4:02:22 PM9/7/11
to webse...@googlegroups.com, Websecurify
All it does now is scan a given URL?
pdp
Sep 7, 2011, 4:18:37 PM9/7/11
to Websecurify
Yes! :)
You point the url you want to scan and sit back drinking Mojito. The
current alpha, and the stuff in the trunk, make use of a testing
engine which is very optimized. While the engine is fast, it will miss
some corner cases. It also doesn't do extensive bruteforcing and
fuzzing. The capabilities are there but not turned-on by default.
After 0.9 we will start putting more effort into standardizing our
code base which will allow us to release several tutorials and
extensive documentation how to write extensions and as such improve
the core testing capabilities. We are also working on a private
version which has some quite neat capabilities but we will start
talking about it when we are nearly done, i.e. reach some sort of
stable beta.
pdp
You point the url you want to scan and sit back drinking Mojito. The
current alpha, and the stuff in the trunk, make use of a testing
engine which is very optimized. While the engine is fast, it will miss
some corner cases. It also doesn't do extensive bruteforcing and
fuzzing. The capabilities are there but not turned-on by default.
After 0.9 we will start putting more effort into standardizing our
code base which will allow us to release several tutorials and
extensive documentation how to write extensions and as such improve
the core testing capabilities. We are also working on a private
version which has some quite neat capabilities but we will start
talking about it when we are nearly done, i.e. reach some sort of
stable beta.
pdp
pdp
Aug 4, 2012, 12:43:42 PM8/4/12
to webse...@googlegroups.com
I am not sure what your question is. You want to develop an extension in .NET?
On Saturday, 4 August 2012 17:07:15 UTC+1, I_like_websecurify wrote:
On Saturday, 4 August 2012 17:07:15 UTC+1, I_like_websecurify wrote:
I am developing application on Websecurify. Can you help me how to use websecurify for Visual .Net.
Thanks !
Ngọc Thức
Aug 5, 2012, 4:16:50 AM8/5/12
to webse...@googlegroups.com
yes, i want to develop an extension in .NET.
Can you help me ?
I'm really in need of it.
Can you help me ?
I'm really in need of it.
Petko D. Petkov
Aug 5, 2012, 5:33:24 AM8/5/12
to webse...@googlegroups.com
Hi,
I think this will be rather difficult.
Websecurify 0.9 is based on Mozilla's gecko runtime. It executes natively JavaScript, XUL and all web technologies. You can also create xpcom components in C or C++. Simply put binary and .NET byte code are not quite the same so you will need some kind of intermediate device to interfere between both.
One solution I can suggest is to write a very thin JavaScript XPCOM extension which creates a REST service and than you write your main code as a .NET executable which can connect to the REST service and invoke the exposed REST methods.
How does this sound?
--
Petko D. Petkov | GNUCITIZEN.org
Ngọc Thức
Aug 5, 2012, 7:08:56 AM8/5/12
to webse...@googlegroups.com
I don't think so, you can build websecurify to run on windows (file Websecurify_Scanner_0.9.exe). Why do you help me build websecurify on windows ???
Please !
Please !
Petko D. Petkov
Aug 5, 2012, 7:12:49 AM8/5/12
to webse...@googlegroups.com
Hi,
While Websecurify is available on Windows it is not built on the top of .NET. I believe this is your question or am I missing something?
On 5 Aug 2012, at 12:08, Ngọc Thức wrote:
I don't think so, you can build websecurify to run on windows (file Websecurify_Scanner_0.9.exe). Why do you help me build websecurify on windows ???
Please !
Ngọc Thức
Aug 5, 2012, 10:52:46 AM8/5/12
to webse...@googlegroups.com
i'm sorry. I thought you build websecurify on .NET. Thank you very much. but, what tool do you built Websecurify_Scanner_0.9.exe ?
Petko D. Petkov
Aug 5, 2012, 12:47:43 PM8/5/12
to webse...@googlegroups.com
As I mentioned before, the tool is built on the top of Mozilla's runtime.
On 5 Aug 2012, at 15:52, Ngọc Thức wrote:
i'm sorry. I thought you build websecurify on .NET. Thank you very much. but, what tool do you built Websecurify_Scanner_0.9.exe ?
Ngọc Thức
Aug 5, 2012, 11:44:34 PM8/5/12
to webse...@googlegroups.com
Thank you very much ! It's my pleasure to know you.
Reply all
Reply to author
Forward
0 new messages