# w3af

**Repository Path**: git-zl/w3af

## Basic Information

- **Project Name**: w3af
- **Description**: web漏洞扫描器
- **Primary Language**: Unknown
- **License**: Not specified
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 1
- **Created**: 2020-09-01
- **Last Updated**: 2022-04-07

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

## w3af - Web Application Attack and Audit Framework

[w3af](http://w3af.org/) is an [open source](https://www.gnu.org/licenses/gpl-2.0.txt)
web application security scanner which helps developers and penetration testers
identify and exploit vulnerabilities in their web applications.

The scanner is able to identify [200+ vulnerabilities](https://github.com/andresriancho/w3af/blob/master/w3af/core/data/constants/vulns.py),
including [Cross-Site Scripting](https://github.com/andresriancho/w3af/blob/master/w3af/plugins/audit/xss.py),
[SQL injection](https://github.com/andresriancho/w3af/blob/master/w3af/plugins/audit/sqli.py) and
[OS commanding](https://github.com/andresriancho/w3af/blob/master/w3af/plugins/audit/os_commanding.py).

## Contributing

Pull requests are always welcome! If you're not sure where to start, please take
a look at the [First steps as a contributor](https://github.com/andresriancho/w3af/wiki/First-steps-as-a-contributor)
document in our wiki. All contributions, no matter how small, are welcome.

## Links and documentation
 * [w3af's main site](http://w3af.org/)
 * [Project documentation](http://docs.w3af.org/en/latest/)

## Sponsors

[Holm Security](https://www.holmsecurity.com/) sponsors the project and uses [w3af](http://w3af.org/)
as part of their amazing [automated and continuous vulnerability assessment platform](https://www.holmsecurity.com/vulnerability-assessment).

Found this project useful? Donations are accepted via [ethereum](https://www.ethereum.org/) at `0xb1B56F04E6cc5F4ACcB19678959800824DA8DE82`