Editor's note: To see detailed portions of the video, click the "Go Full Screen" button at the bottom of the video window.
When it comes to Web application vulnerabilities, problems such as SQL injection (SQLi) and cross-site scripting (XSS) are seemingly omnipresent in modern Web apps. The Open Web Application Security Project's (OWASP) Top 10 list of Web app vulnerabilities has been around for many years, yet the issues on the list change little from version to version. Technologies such as HTML 5 bring their own security concerns, opening up new avenues of attack that must be closed. How can organizations battling off SQLi, XSS and other attacks go about securing their Web apps? The free and open source security framework w3af may help budget-strapped organizations find and fix these vexing security holes.
In this SearchSecurity screencast, Keith Barker, a Certified Information Systems Security Professional (CISSP) and trainer for CBT Nuggets LLC, provides a w3af tutorial, showing how w3af's many plug-ins can be used to conduct a thorough Web application security scan. First, Keith detailed some of the categories of plug-ins available through w3af, including discovery, audit and attack. The existing plug-ins can work together, so information can be passed from discovery over to audit, or new plug-ins can be created for specific needs.
Then, Keith showed how different plug-ins can be combined into profiles, which can be saved if an organization would like to run the same scans again. Prebuilt profiles, including one specifically for vulnerabilities noted in the OWASP Top 10, are also included in w3af for those organizations that want to hit the ground running. Once w3af runs a Web app security scan, IT teams can simply comb through the details provided on possible vulnerabilities and determine which need to be investigated further. For those organizations seeking to secure Web applications, w3af can serve as a powerful vulnerability scanner.