Web Application Attack and Audit Framework
Tony Perez recently wrote about the Web Application Attack and Audit Framework (W3AF), which is a tool you can use to scan a website for various vulnerabilities, like XSS and SQL injection. You can watch a demo to get a feel for what it does. I think it’s a good thing to run during the testing […]