You can download Web Exploit Finder 2.0, released on October 29th, 2007 here:
- Web Exploit Finder 2.0 (tar.gz)
Made for a typical Linux / debian installation. If you're experienced, try it out, but with reading the included manual while installing since it's only for advanced users. - Web Exploit Finder 2.0 Sources (tar.gz)
If you want to develop further get the source code for the rootkit and the VMControl as well with this package.
The software is licensed under an MIT-style license.
Please also read the installation manual here.
These are additional papers about the project.
- Presentation from the LinuxTag 2007 in Berlin (PDF)
- Project Summary (English) - Whitepaper - September 2006 (PDF)
- Project Summary (German) - Whitepaper - September 2006 (PDF)
- Presentation Slides from July 1st, 2006 (PDF)
If you are interested in more papers you can request the full documentation for the project from the authors.
Also, an introduction to Web Exploit Finder 2.0 can be found in the german IT magazine iX edition 12/2007.