-
February 21st, 2005, 06:06 PM
#1
Senior Member
WebScarab - yay or nay?
Hello all-
I was going through my notes from a recent SANS workshop - the Web Application Security Workshop, and one of the tools they went over was a tool called WebScarab. In fact we had a pretty extensive lab exercise on it, and I thought the tool was pretty in-depth and offered some good information - especially with the Intercept proxy. [edit] They showed us it could do:
(From the presentation)
Interception Proxy: modify request parameters in transit
Spider: download and review a site offline
Request crafting: create and send specific or unusual requests
Session ID Analysis: analyze use of session IDs for weaknesses or discernable patterns
[/edit]
The tool is provided by OWASP (Open Web Application Security Project).
Link: http://www.owasp.org/ .
I was wondering if anyone has worked with this suite of tools and had good/bad/indifferent experiences, along with any tips.
TIA.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|