Re: [tool] Webstretch - open source web toolkit

[Rogan Dawes <discard () dawes za net>]

Hi Simon, and others.

Just thought that I'd point out that WebScarab does all of the 
below-mentioned things, and a LOT more besides. It is also Java, part of 
the OWASP project, etc, etc.

Rather than duplicating effort, it seems to me that it makes sense to 
combine efforts to create a single best-of-breed tool.

All contributions to WebScarab are most welcome. Right now, Webscarab is 
going through a re-architecture phase, but the latest version on 
sourceforge is quite stable (I think - at least, I've received no bug 
reports).

Please try it, and let me know if there is something missing that you need.

https://sourceforge.net/project/showfiles.php?group_id=64424&package_id=61823

Regards,

Rogan Dawes

Simon Shanks wrote:
> Tool available at ...
>
> http://sourceforge.net/projects/webstretch
> (written in Java)
>
> Enables a user to view & alter all aspects of http comunication with a
> web site via a proxy. Primarily used for security based penetration
> testing of web sites, it can also be used for debugging during
> development. Basically, its main feature is that it allows you to
> access the web, and shows you the information its about to pass to the
> web server, so that you can view & alter any info (all while still in
> your browser)
>
> New features appearing all the time. e.g.
>
> * request alteration
> * request viewing
> * html comment detection
> * browser impersonation
> * hidden area detection
> * proxy chaining
>
> Please add any problems, feature requests, comments, etc to the page
> linked above.

--
Rogan Dawes

*ALL* messages to discard () dawes za net will be dropped, and added
to my blacklist. Please respond to "lists AT dawes DOT za DOT net"