All integrations
DAST
w3af integration
Export the w3af scan as XML and upload it against the w3af source.
Scan types imported
- Web application attack & audit framework findings
File import
XML
The template walks one vulnerability element per finding.
What Centraleyezer expects in the file
- Per finding: vulnerability name (attribute), description and fix guidance, attached to the scan target.
How imported findings are risk-scored
Every w3af finding is normalised into Centraleyezerβs risk model on import: the scannerβs native severity scale maps to a configurable DREAD vector (Damage, Reproducibility, Exploitability, Affected users, Discoverability), which combines with asset criticality, network exposure, exploitability intelligence and the platformβs other risk factors to produce one comparable risk score across every scanner you run. CVE, CVSS and CWE metadata are preserved on the finding for reference and reporting, and duplicate findings from repeated imports are automatically correlated instead of creating noise.