Offensive Thinking
Internet Thoughtcrime
w3af WebScarab and Burp Proxy import
Posted: 2009-08-11
The WebScarab and Burp Proxy log file import I was talking about in this post has made it to w3af’s trunk as of revision 2995. The code I wrote for the WebScarab part was largely taken from sqlmap, which happened to already have a working import feature written in Python. No need to reinvent the wheel. Although I must say, after having a second glance at the code there are some shortcomings (as I have already addressed on w3af’s mailing list).
AndrĂ©s took Jon’s and my code and merged them into one function, as Burp and WebScarab seem to be quite similar in how they write their logs. As far as I understood Jon, he’s still writing some code which works for even more proxy logs, so maybe we’ll see an update which makes the importResults plugin even better.