Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Samurai WTF 0.8 - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Samurai WTF 0.8

A new version of the Samurai WTF (Web Testing Framework) distribution, version 0.8,  has been released this weekend. As a member of the main development team, I'm proud to see that Samurai WTF is becoming the preferred environment for web application security testing.

This new version includes multiple new features, apart from being the first Live DVD version (1.7GB), versus previous Live CD versions (<700MB in size), plus:
- The Samurai WTF Firefox add-ons collection: https://addons.mozilla.org/en-US/firefox/collection/samurai.
- An extensive layout clean-up.
- New SVN capabilities to update the most actively developed web testing tools.
- Metasploit (what allows its integration with other tools, like sqlmap or sqlninja).
- The addition of two well known vulnerable web apps for training and testing purposes, DVWA and Mutillidae.
- Plus new tools and tools updates (see the Changelog within the Live DVD).

Definitely, I recommend you to try it and get the most of this open-source project when evaluating the security of your web applications and sites.

You can gather more details about the Samurai WTF from its main web page, http://samurai.inguardians.com, an OWASP presentation I did on December (available at http://www.radajo.com/2009/12/assessing-and-exploiting-web.html), and download the new version from Sourceforge: http://sourceforge.net/projects/samurai/.

Please, if you are a common user or want to try it, share your comments and improvements through the project mailing list (http://sourceforge.net/mail/?group_id=235785).
--
Raul Siles (www.raulsiles.com)
Taddong is comming soon...

Raul Siles

152 Posts
Many of the add-ons in the WTF Firefox Collection haven't been updated for Firefox 3.6.

Can you just disable version checking and have them all work properly? http://www.tomshardware.com/forum/237772-49-firefox-disable-version-checking
Jasey

93 Posts
Oops. Process changes for 3.6 from 3.5.

http://kb.mozillazine.org/Updating_extensions#Completely_disabling_the_compatibility_check
Jasey

93 Posts
Jason,
Assuming the add-on is compatible wit the target Firefox version, you can also modify the allowed versions within the add-on itself, as described in this RaDaJo post:

http://www.radajo.com/2009/10/samurai-web-testing-framework-wtf.html
Raul Siles

152 Posts

Sign Up for Free or Log In to start participating in the conversation!