Bonsai Information Security - Research

w3af - Web Application Attack and Audit Framework


w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that are both easy to use and extend. The project started back in 2006 with only one developer but it is now developed and supported by a team of Web Application Hackers and Open Source experts around the world. This video representation of the SVN server commit activity shows how w3af has grown over the years:

One of the long-term objectives of the framework is to become the de-facto standard of Web Application Scanning and Exploitation tools. With the community’s help, and the financial support of Bonsai, the w3af team hopes to achieve this goal by 2011.

Further information, screenshots and demo videos, can be found at the official w3af website.