Welcome to w3af's documentation
This document is the user's guide for the Web Application Attack and Audit Framework (w3af), its goal is to provide a basic overview of what the framework is, how it works and what you can do with it.
w3af is a complete environment for auditing and exploiting Web applications. This environment provides a solid platform for web vulnerability assessments and penetration tests.
|Users mailing list|
|Developers mailing list|
.. toctree:: :maxdepth: 2 install advanced-install update phases basic-ui scripts authentication common-use-cases advanced-use-cases docker scan-rest-apis exploitation advanced-exploitation report-a-bug contribute
.. toctree:: :maxdepth: 3 gui/index
REST API documentation
.. toctree:: :maxdepth: 3 api/index
Advanced tips and tricks
.. toctree:: :maxdepth: 2 advanced-tips-tricks