Advanced tips and tricks

Memory usage and caches

w3af uses various types of caches to speed up the scan process. One of the most important is an in-memory cache which holds the result of parsing an HTTP response body. Parsing HTTP response bodies is a CPU-intensive process, and different w3af plugins might want to parse the same response, so it makes a lot of sense to use a cache in this situation.

The ParserCache is an LRU cache which holds the items in memory to provide fast access. Some advanced users might note that the cache size is set to a constant (10 at the time of writing this documentation), which has these side effects:

  • w3af will consume ~250MB of RAM, most of it allocated by the cache.
  • When run on a system with low free RAM, using ~250MB is good, since we want to avoid the operating system swapping pages to disk.
  • When run on a system with 8GB of free RAM, w3af could add more items to the cache, which would increase the cache hit-rate and reduce CPU usage and overall scan time.

Most users won’t even notice all this and use w3af without this advanced tweak, but feel free to adjust the CACHE_SIZE = 10 to any value that fits your needs.

In order to debug the cache hit-rate (which should increase with the CACHE_SIZE) run w3af with the W3AF_CORE_PROFILING environment variable set to 1 and inspect the JSON files at /tmp/w3af-*.core
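
The following is an added illustration, not w3af's ParserCache code, of why the hit-rate depends on the cache size relative to the set of responses being worked on. The class and function names and the workload (three plugins that each parse the same batch of 15 responses in turn) are assumptions made for the example.

```python
import hashlib
import re
from collections import OrderedDict


class ToyParserCache:
    """Minimal LRU cache for parsed bodies (illustration, not w3af's ParserCache)."""

    def __init__(self, cache_size):
        self.cache_size = cache_size
        self._items = OrderedDict()
        self.hits = self.misses = 0

    def get_parsed(self, body, parse):
        key = hashlib.sha256(body).hexdigest()
        if key in self._items:
            self._items.move_to_end(key)         # mark as most recently used
            self.hits += 1
            return self._items[key]
        self.misses += 1
        parsed = self._items[key] = parse(body)  # the CPU-intensive step
        if len(self._items) > self.cache_size:
            self._items.popitem(last=False)      # evict the least recently used
        return parsed

    def hit_rate(self):
        total = self.hits + self.misses
        return self.hits / total if total else 0.0


def extract_links(body):
    # Stand-in for real HTML parsing (assumption for this example).
    return re.findall(rb'href="([^"]+)"', body)


def simulate(cache_size, batches=3, batch_size=15, plugins=3):
    """Constructed workload: each plugin parses every response of a batch in turn."""
    cache = ToyParserCache(cache_size)
    for batch in range(batches):
        bodies = [f'<a href="/b{batch}/p{i}">x</a>'.encode() for i in range(batch_size)]
        for _plugin in range(plugins):
            for body in bodies:
                cache.get_parsed(body, extract_links)
    return cache.hit_rate()


if __name__ == "__main__":
    for size in (10, 15, 50):
        print(f"CACHE_SIZE={size:>2}  hit-rate={simulate(size):.2f}")
```

With a cache smaller than the batch, LRU evicts each entry just before the next plugin asks for it, so every lookup in this workload is a miss; once the cache covers the batch, two of every three lookups hit.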