search

andresriancho / w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.
http://w3af.org/
4.58k stars 1.22k forks source link

Integrate Wappalyzer DB #1081

Open andresriancho opened 10 years ago

andresriancho commented 10 years ago

Wappalyzer has a really nice DB with application fingerprints which would allow w3af to identify many apps:

Wappalyzer is a cross-platform utility that uncovers the technologies used on websites. It detects content management systems, eCommerce platforms, web servers, JavaScript frameworks, analytics tools and many more.

https://github.com/AliasIO/Wappalyzer/blob/master/src/apps.json

It would be nice to integrate it, but also see if we can work together with the author in order to help him keep it updated.

Also check the various "drivers" at https://github.com/AliasIO/Wappalyzer/wiki/Unofficial-drivers-and-ports

andresriancho commented 10 years ago

Related with #1984

andresriancho commented 5 years ago

It took me too much time to review and merge https://github.com/andresriancho/w3af/pull/12208

Now that I've started a quest to process all of w3af's PRs the problem is that wad is outdated.

I still want to see wad being integrated into w3af, but it makes no sense to integrate as-is. We need: