w3af Archived Reviews (More than two years old)

Filter by:Reset all filters
Filter Unavailable
Company Size
Filter Unavailable
Job Level
Filter Unavailable
Filter Unavailable
Filter Unavailable
Order by:
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Omar Sánchez (Mr.Tech)
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services
Jul 09 2015

What is most valuable?

Having this on a USB drive saved me so many times, and has also proven an easy way to hammer the point home when doing a physical penetration test.

How has it helped my organization?

We've been able to do lots of tests and have gotten lots of useful results.

What needs improvement?

I found it buggy, but it probably takes an expert user who knows programming to work it properly.`

Which solution did I use previously and why did I switch?

I use many tools, but this one is always the first.

What other advice do I have?

I tried to install this on numerous systems and eventually, with help, I got it running. It needs far too many dependencies installed and there's too much messing about to be of much use. Once… more»

Which other solutions did I evaluate?

We chose this one because it is one of the most powerful web penetration tools.

What is w3af?

w3af is a Web Application Attack and Audit Framework. The project's goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities. Our framework is proudly developed using Python to be easy to use and extend, and licensed under GPLv2.0.
Download our free Application Security Report and find out what your peers are saying about w3af, PortSwigger, Acunetix, and more!