Multiple domain names as target

andresriancho / w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.

http://w3af.org/

4.52k stars 1.21k forks source link

Multiple domain names as target #2618

Open andresriancho opened 10 years ago

andresriancho commented 10 years ago

Complex sites usually use more than one domain name to serve content, data, images, etc. Today the framework only accepts one domain name as the target, and won't be able to find some vulnerabilities due to this limitation.

Many framework parts depend on the fact that we're only scanning one domain (google spider for example). What needs to be done is:

Identify all parts of the framework which have this limitation and create individual tasks
Remove any specific validations

cwill164 commented 7 years ago

Has the multiple domains milestone been met or received any potential improvements? That would be quite useful for me.