IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can create their own custom security scanners using it. Though an advanced user with Python/Ruby scripting expertise would be able to make full use of the platform, a lot of the tool's features are simple enough to be used by absolute beginners.
IronWASP has a plugin system that supports Python and Ruby. The version of Python and Ruby used in IronWASP is IronPython and IronRuby which is syntactically similar to CPython and CRuby. However some of the standard libraries might not be available, instead plugin authors can make use of the powerful IronWASP API.
One of the design goals of IronWASP is to be usable without reading a documentation. So whether you want to use the UI or do awesome things in the scripting shell, you can dive right in.
The UI has a clean design with helpful wizards for complex tasks, small snippets of text descriptions in different sections and 'Help' sections all over the tool that provide contextual documentation when required.
If you want to do scripting then make use of the 'Script Creation Assistant' that can take you requirement and create the script automatically for you. You could be someone who is trying to learn scripting or an experienced scripting ninja, you will find this feature to be extremly useful.
If you want to create a new vulnerabilty check or write your own security tool in the shortest possible time using the powerful API of IronWASP then use the 'Coding Assistants' available in the 'Dev Tools' menu.
Post a Comment