RE: Web Browser For Penetration Test

[Anthony Cicalla <Anthony.Cicalla () BankServ com>]

www.owasp.org

Go there and get webscarab it's a proxy for exactly what your talking about.



Sincerely,
Anthony Cicalla,
CNA, CEH, CISSP, MCP, SCTA
Bankserv
222 Kearny St.
Suite 400 
San Francisco, California 94108
 
 
NOTICE: The information contained in this message may be privileged and
confidential and protected from disclosure or unauthorized use.  If the
reader of this message is not the intended recipient, you are hereby
notified that any dissemination, distribution or copying of this
communication is prohibited.  If you have received this communication in
error, please notify us immediately by replying to this message then delete
it.  All e-mail sent to this address shall be received by BServ, Inc. or one
of its subsidiaries/affiliates and may be archived or reviewed.

-----Original Message-----
From: ROB DIXON [mailto:rdixon () workforcewv org] 
Sent: Monday, April 10, 2006 6:24 AM
To: nimda1 () gmail com; webappsec () securityfocus com
Subject: Re: Web Browser For Penetration Test

Burp Proxy.

Robert L. Dixon,  CHFI
State of West Virginia's
West Virginia Office of Technology
Infrastructure Applications
Netware/GroupWise Administrator
Telephone: (304)-558-5472 ex.4225
> > > nimdA <nimda1 () gmail com>  >>>
Dear All

I'm looking for web browser that help me in penetration testing of web
applications, there are a lot of scanning tools, but I'm looking for a basic
web browser which allow me to control all the data that send to or receive
from the web server.

There are some grate tools like minibrowser, but with complex application it
did not work fine unless you use "Internet Explorer" as a browser, and you
will lose the benefits of this browser.

Unfortunately, I can't find other browser that does the same thing.
What I'm looking for is a simple application, before send or receiving any
value from the web server asks the user to confirm that data that will send
or will receive, not more then that.

So, If any one know some software or IE plug-in or client proxy that will
help me on this, please send it.

Thanks.

-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application
security testing suite, and the only solution to provide comprehensive
remediation tasks at every level of the application. Change the way you
think about application security testing - See for yourself.
Download a Free Trial of AppScan 6.0 today!

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF
--------------------------------------------------------------------------



-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application
security testing suite, and the only solution to provide comprehensive
remediation tasks at every level of the application. Change the way you
think about application security testing - See for yourself. 
Download a Free Trial of AppScan 6.0 today!

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF
--------------------------------------------------------------------------

Attachment: smime.p7s
Description: