HOWTO : W3af on Ubuntu Desktop 12.04 LTS

W3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities.



Step 1 :



Make sure you follow the steps below one by one.



sudo -sH

cd /opt



apt-get update

apt-get install git build-essential



git clone https://github.com/andresriancho/w3af.git



apt-get install python2.7-dev python-setuptools python-pip



pip install PyGithub GitPython pybloomfiltermmap esmre nltk pdfminer futures scapy-real guess-language cluster msgpack-python python-ntlm



pip install -e git+git://github.com/ramen/phply.git#egg=phply



apt-get install graphviz python-gtksourceview2



pip install xdot




Step 2 :



To run it.



sudo -sH

cd /opt/w3af



./w3af_gui




or



./w3af_console



Step 3 :



Make sure you change the path of the Metasploit at "Configuration" -- "Miscellaneous" -- "Metasploit".



e.g. /opt/metasploit/app/

e.g. /opt/metasploit/apps/pro/msf3/



Remarks :







Automated Audit using W3AF



That's all! See you.