
News

 
Posted 12 months ago by Zapotek
Those of you who’ve been following Arachni’s Twitter account or Blog will know where this post is coming from. I recently found that my URL normalization methods were sucking up loads of CPU time and that caching these methods (with a simple Ruby Hash) was cutting the time of a 1000-page crawl to almost half; [...]
Posted about 1 year ago by Zapotek
When I started development on the Arachni high-performance grid my focus was on the audit part, i.e. find a way to distribute the audit of batches of individual elements across multiple nodes and avoid duplication of effort amongst them. It was a bit tricky to get right but it turned out to be quite do-able [...]
Posted over 1 year ago by Zapotek
This one had been bugging me since I first started work on the HPG. The gain you get from distributed computing is directly related to how efficient the workload distribution is — which makes sense. The crawling process though doesn’t consist of a workload per se but rather looks for the workload. Also, the difficulty [...]
Posted over 1 year ago by Zapotek
Yes, it’s true… As of now the code in the experimental branch has been converted to use the Apache License Version 2.0. If you’re interested in why this happened here’s the deal: There are currently a few companies that use Arachni internally and a few others that actually provide SaaS security services using Arachni’s distributed [...]
Posted over 1 year ago by Zapotek
Hi guys, A couple of days ago I proudly released v0.4 and, as luck would have it, I later had to swallow some of that pride due to a couple of intermittent bugs that I hadn’t spotted. Well, worry no more as I’m writing this post to announce a rush hotfix version of Arachni, v0.4.0.2. [...]
Posted over 1 year ago by Zapotek
Yes, yes…the time has finally come and there are boons for everyone. This release features the most impressive ChangeLog yet and the first (and coolest) thing in this long list is the brand new High Performance Grid implementation — which has been discussed extensively in the past. Let’s review the big points. New RPC infrastructure [...]
Posted over 1 year ago by Zapotek
One of the things everyone is taking for granted nowadays for every browser and website is decent support for AJAX. Naturally, scanner devs have been trying to find a decent way to automatically audit that side of the fence or at least provide decent coverage for JS-heavy webapps. Thing is though… this is a bitch [...]
Posted over 1 year ago by Zapotek
As promised, part 5. Not that anyone’s reading this crap, once I’m done with the series though I’ll be able to gather them into a nice developer’s guide so I might as well keep going. As always, keep your installation up to date with the experimental branch before continuing. These articles have forced me to [...]
Posted over 1 year ago by Zapotek
Since last time we discussed documentation (boring) this post will be about something functional (cool). And that coolness will be in the form of a user interface, beginning with a simple progress output and moving to a full blown console environment — which also means scripting too. By the way, don’t forget to grab and install [...]
Posted over 1 year ago by Zapotek
Managing components Time to leave the framework for now and get back to some basics since after seeing things as a whole you’ll better appreciate these important details. All components (modules, reports, plugins and the unappreciated path extractors) are handled by the ComponentManager. The manager’s job is simple and can be described as: Given the [...]
 

 
 
