WebApp Sec mailing list archives
Re: Security tool for monitoring HTTP headers?
From: Grega Bremec <grega.bremec () noviforum si>
Date: Tue, 24 Feb 2004 15:27:20 +0100
...and on Tue, Feb 24, 2004 at 12:06:27AM -0800, patrick () curioustechnology com used the keyboard:
Does anyone know of a security tool for modifying HTTP headers directly? For example if I wanted to verify that there was proper input validation against some of the data in a POST request, does a tool besides Telnet exist? I was considering creating one but I don't want to duplicate someone else's work. Thanks,
Along the lines of simple socket-to-socket communication, netcat, http://www.atstake.com/research/tools/network_utilities/ and netcat6, http://www.deepspace6.net/projects/netcat6.html, its ipv6-extended clone, might do the trick. To my knowledge, both can read from stdin, so you can easily pipe stuff to them, and they don't suffer from that same problem that telnet does - disconnection upon encountering an EOF on standard input. Both also speak UDP and the old netcat can work as a server too, which makes it quite useful as a monitoring proxy, so they both qualify as must-have tools in any kind of ip-networked environment. The equivalent of netcat/netcat6 that can be useful for multicast testing is emcast, http://www.junglemonkey.net/emcast/, which is actually a suite consisting of both a library and a trivial client, that attempts to near what netcat should be if it spoke multicast. Hope this helped, -- Grega Bremec Senior Administrator Noviforum Ltd., Software & Media http://www.noviforum.si/
Attachment:
_bin
Description:
Current thread:
- Security tool for monitoring HTTP headers? patrick (Feb 24)
- RE: Security tool for monitoring HTTP headers? Skander Ben Mansour (Feb 24)
- RE: Security tool for monitoring HTTP headers? WebAppSecurity [Technicalinfo.net] (Feb 24)
- RE: Security tool for monitoring HTTP headers? Mark Curphey (Feb 24)
- RE: Security tool for monitoring HTTP headers? Glyn (Feb 24)
- RE: Security tool for monitoring HTTP headers? Internet User (Feb 24)
- Re: Security tool for monitoring HTTP headers? Grega Bremec (Feb 24)
- Re: Security tool for monitoring HTTP headers? lists AT dawes DOT za DOT net (Feb 24)
- Re: Security tool for monitoring HTTP headers? Keith W. McCammon (Feb 24)
- Re: Security tool for monitoring HTTP headers? Ivan Ristic (Feb 24)
- Re: Security tool for monitoring HTTP headers? znndrp (Feb 24)
- Re: Security tool for monitoring HTTP headers? Shade (Feb 24)
- Security tool for monitoring HTTPS traffic? Andreas Fredrich (Feb 24)
- RE: Security tool for monitoring HTTPS traffic? WebAppSecurity [Technicalinfo.net] (Feb 26)
- Re: Security tool for monitoring HTTPS traffic? Ivan Ristic (Feb 26)
- Re: Security tool for monitoring HTTP headers? Martin Tsachev (Feb 24)
- RE: Security tool for monitoring HTTP headers? sunzi (Feb 25)
(Thread continues...)