WEB APPLICATION VULNERABILITY SCANNING

OWASP TOP 10 VULNERABILITY SCANNING USING W3AF

w3af is an open-source tool available to download from GitHub. It is used for exploiting OWASP Top 10 vulnerabilities in web applications, so that penetration testers and developers can find the vulnerabilities in their web applications.

The tool also has a GUI mode, but personally I always suggest CLI mode for pen-testing. There lies the fun.

REQUIREMENTS : KALI LINUX OPERATING SYSTEM WITH INTERNET CONNECTIVITY.

STEP 1 : Download the w3af tool from GitHub; use git clone to install the tool in Kali Linux.

STEP 2 : The installation needs some prerequisites to run this program, like python, pip and git. Make sure your system meets all the requirements.

Installation

STEP 4 : If not, you need to follow these commands:
git clone https://github.com/andresriancho/w3af.git
cd w3af/
./w3af_console    # I tried this and found some missing dependencies, so go with the next command.
. /tmp/w3af_dependency_install.sh

Some third-party packages still need to be installed, most probably npm packages, so use this guide (https://ourcodeworld.com/articles/read/410/how-to-install-node-js-in-kali-linux) to install the npm retire package, and install the rest. Carefully install each and every package.

STEP 5 : Run w3af with w3af_console
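
STEP 4 sources a script from /tmp, which is world-writable, so it is worth vetting the file before running it. The following is an added example, not part of w3af or of the original post; the function names and the file name vet_deps.sh are hypothetical, and it assumes GNU stat as shipped on Kali.

```bash
#!/usr/bin/env bash
# Added example (not part of w3af): vet the generated dependency script
# before sourcing it. /tmp is world-writable, so on a multi-user host the
# file at a fixed path may not be the one w3af_console just wrote.

# check_dep_script FILE: return 0 only if FILE is a regular file (not a
# symlink), owned by the current user, and not group- or world-writable.
check_dep_script() {
    f=$1
    if [ -L "$f" ]; then
        echo "refuse: $f is a symlink" >&2; return 1
    fi
    if [ ! -f "$f" ]; then
        echo "refuse: $f is missing or not a regular file" >&2; return 1
    fi
    owner=$(stat -c '%u' "$f") || return 1      # GNU stat, as shipped on Kali
    if [ "$owner" != "$(id -u)" ]; then
        echo "refuse: $f is owned by uid $owner" >&2; return 1
    fi
    mode=$(stat -c '%a' "$f") || return 1       # octal permissions, e.g. 644
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "refuse: $f is group/world-writable (mode $mode)" >&2; return 1
    fi
    return 0
}

# commands_to_review FILE: print the lines that will actually execute
# (blank lines and comments dropped) so they can be read before running.
commands_to_review() {
    grep -vE '^[[:space:]]*(#|$)' "$1"
}

# Run only when a path is given, e.g. (vet_deps.sh is a hypothetical name):
#   bash vet_deps.sh /tmp/w3af_dependency_install.sh
if [ "$#" -gt 0 ]; then
    check_dep_script "$1" && commands_to_review "$1"
fi
```

If the check passes and the printed commands look right, continue with the `. /tmp/w3af_dependency_install.sh` line from STEP 4.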
