Penetration testing / Tools & Software / WebApp testing / Proxy tools

Paros proxy
Category: Tools & Software: WebApp testing: Proxy tools
A Java based web proxy for assessing web application vulnerability. It supports editing/viewing HTTP/HTTPS messages on-the-fly to change items such as cookies and form fields. It includes a web traffic recorder, web spider, hash calculator, and a scanner for testing common web application attacks such as SQL injection and cross-site scripting.
ProxyStrike
Category: Tools & Software: WebApp testing: Proxy tools
ProxyStrike is an active Web Application Proxy, is a tool designed to find vulnerabilities while browsing an application. It was created because the problems we faced in the pentests of web applications that heavily depends on Javascript, not many web scanners did it good at this stage, so we came with this proxy.
SPIKE Proxy
Category: Tools & Software: WebApp testing: Proxy tools
Spike Proxy is an open source HTTP proxy for finding security flaws in web sites. It is part of the Spike Application Testing Suite and supports automated SQL injection detection, web site crawling, login form brute forcing, overflow detection, and directory traversal detection.
WebScarab
Category: Tools & Software: WebApp testing: Proxy tools
WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols. It is written in Java, and is thus portable to many platforms. WebScarab has several modes of operation, implemented by a number of plugins.

What's new! What's up?

AddThis Social Bookmark Button  Digg!
  • © 2010 penetrationtests.com