1) Fixed a bug in the ScriptedSend feature
2) Increased the MaxLength property of all FormatPlugin XML textbox to 2147483647
3) Added UI Designer feature along with all the associated classes
4) UI Designer and Script Editor are now placed under a new menu item named 'Dev Tools'
5) Trace and Plugins tabs are now placed under a new tab named 'Dev'
6) GetLinkCliks, GetFormSubmissions and GetRedirects methods of the Crawler class have now become public static and can be called from the Scripting Shell
7) FormatPlugin gets two new methods named GetXmlInjectionPointsCount and InjectInRequest to make fuzzing custom formats easier. A feature request from Shreeraj.
8) new keyword added to a few methods of the BodyParameters class that were overriding the base class method of similar names.
9) InjectInXml method of FormatPlugin class now uses XmlTextWriter instead of XmlWriter to handle XML with namespaces.
10) LastProxySessionId and similar properties of the Config class have been renamed to LastProxyLogId etc
11) Temporarily turned off Cookie and Header injection in full automated scanning to reduce scan times.
IronWASP (Iron Web application Advanced Security testing Platform) is an open sourcesystem for web application vulnerability testing. It is designed to be customizable to the extent where users can create their own custom security scanners using it. Though an advanced user with Python/Ruby scripting expertise would be able to make full use of the platform, a lot of the tool’s features are simple enough to be used by absolute beginners.https://github.com/Lavakumar/IronWASP
http://ironwasp.org/index.html
Previous post regarding Ironwasp -
http://santoshdudhade.blogspot.in/2012/07/ironwasp-v0903.html
http://santoshdudhade.blogspot.com/2012/09/ironwasp-v0914.html
For More Information -
https://github.com/Lavakumar/IronWASP/commit/b495c0c7acb00cabd913a507cc3d08277ddadf55
Screenshot -
0 comments:
Post a Comment