Arachni is ready! I think…
If you want to see the state of the framework you can take a look here:
Right click -> View image to see it full-sized.
Finally I’ve run out of ideas and features to implement.
Every time I thought that the framework was good to go a new idea poped up in my head and I just had to implement it.
But I think that it’s time I start writing modules.
I’ve tested, I’ve bugfixed, I’ve optimized, I’ve added paradigm shifting behavior (the trainer), I don’t think there’s anything more to add.
Well, there probably is and users will have feature requests but you know what I mean…
Of course I’ll back-off for a couple of days to clear my head and if I nothing else comes to me then I’ll start developing the modules.
It’s weird…I keep staring at the Ohloh badge, on your right, and I can’t believe that the framework only took 4K lines of code.
I really like that though, small codebase, easy to maintain, simple code… that’s what I wanna see.
Huh, I just took a look at: http://www.ohloh.net/p/arachni/analyses/latest
The whole project is closer to 7K LOCs if you take the comments into account, that’s why it feels bigger to me.
But hey, you’ve got to document your code.
That’s all for now.
 The Trainer sub-system of the Arachni Framework analyses every HTTP response during the recon and audit stages and enables Arachni to learn about changes to the webpage under audit.
So if a new form or link or cookie dynamically appears as a result of the audit, Arachni is immediately aware of it and adds it to the queue of elements to be audited.
So it’s an expert-system kind of deal, it imitates human awareness and behavior (it sounds fancy, I know, but it’s really simple actually).
You’re probably thinking “Well, duh!”; however there’s a good chance that Arachni is the first system to implement this.
(If the last statement is wrong please let me know. )
Leave a comment