WebApp Sec mailing list archives
PortSwigger.net - web application hack tools
From: Mads Rasmussen <mads () opencs com br>
Date: Tue, 15 Jun 2004 11:40:16 -0300
I haven't seen these tools mentioned on the list, all free for download Please bear with me if these are wellknown, anyone have experience to share? <http://portswigger.net/>_Burp intruder_ is a tool to facilitate automated attacks against web-enabled applications. It uses a powerful engine to generate malicious HTTP requests using a template and a set of attack vectors. Burp intruder is highly configurable, and can be used to identify and exploit unusual vulnerabilities in bespoke application functionality.
_Burp spider_ is a tool for enumerating web-enabled applications. It uses various intelligent techniques to generate a comprehensive inventory of an application's content and functionality, avoiding the time-consuming and unreliable task of manually following links, submitting forms and scouring HTML source code.
_Burp proxy_ is an interactive HTTP/S proxy server for attacking and debugging web-enabled applications. It operates as a man-in-the-middle between the end browser and the target web server, and allows the user to intercept, inspect and modify the raw traffic passing in both directions.
_Sock_ is a simple tool for manually attacking web-enabled applications. It allows a single HTTP/S request to be manipulated and re-issued repeatedly from the same window. Each response can be viewed as plain text or rendered as a web page, and can be searched for keywords.
-- Mads Rasmussen, M.Sc. Open Communications Security www.opencs.com.br +55 11 3345 2525
Current thread:
- PortSwigger.net - web application hack tools Mads Rasmussen (Jun 16)
- Re: PortSwigger.net - web application hack tools Frank Knobbe (Jun 16)