10/04/2012 – 0.13b “HackPra” pre-alpha release: Dedicated to HackPra, its organisers and attendants
+ Inclusion of slowloris, thanks to RSNake for allowing redistribution!
+ More indentation clean up in various files
+ Fixed bug on DeriveURLSettings: Thanks to Sandro Gauci for reporting!
The home-brew parsing was resulting in an error like below with URLs like http://example.com:81
“Aborted by Framework: Cannot resolve Hostname: example.com:81”
URL parsing is now done via the urlparse library
+ Fixed bug introduced in the fix above whereby urlparse was returning “None” for the port in the summary report:
Reintroduced scheme check to handle this case and ensure the port is never blank regardless of URL format
+ Fixed bug similar to the one in DeriveURLSettings on the OWTF Core:
IsInScopeURL was parsing the hostname from the URL in a home-brew fashion this worked ok most of the time
but in some cases could lead to bugs, core.py is now using urlparse for parsing the hostname from the URL
+ Added regression test shell scripts to tests directory
OWTF 0.13b “HackPra” released!
This is a stability release fixing a number of issues I encountered as I was preparing my demos -1h :)- for HackPra tomorrow. I will try to explain this weird tool a bit better and look forward to your feedback :).
OWTF 0.13b “HackPra” is dedicated with special love to HackPra, its organisers and attendants!
NOTE: Since we are no longer in the middle ages I have assumed that nobody will have problems with number “13” :).
Usual background + Disclaimer:
The Offensive (Web, etc) Testing Framework (aka OWTF) is an OWASP+PTES-focused try to unite great tools and make pen testing more efficient @owtfp http://owtf.org
WARNING: This tool unites many great tools, websites, knowledge and their associated power, please hack responsibly and always have permission. That being said, happy pwnage 🙂
Some links:
– Project page: http://owtf.org
– You will probably get the most out of this tool if you look at the Presentation Slides first.
– Download OWTF: https://github.com/7a/owtf/tree/master/releases
– Demo interactive reports (Firefox >= 8): https://github.com/7a/owtf/tree/master/demos
Change log since OWTF 0.13 “Trooper” (Full change log is here):
