WebApp Sec mailing list archives
Re: Web Browser For Penetration Test
From: Gareth Davies <gareth.davies () mynetsec com>
Date: Wed, 12 Apr 2006 13:07:59 +0800
I use Firefox with IEtab extension and Burp Suite. http://www.portswigger.net/suite/ https://addons.mozilla.org/extensions/moreinfo.php?id=1419&application=firefox WebScarab is good too. Another option for Burp is Paros if you want some choice. http://www.parosproxy.org/index.shtml My favourite is definately Burp though. nimdA wrote:
Dear All I'm looking for web browser that help me in penetration testing of web applications, there are a lot of scanning tools, but I'm looking for a basic web browser which allow me to control all the data that send to or receive from the web server. There are some grate tools like minibrowser, but with complex application it did not work fine unless you use "Internet Explorer" as a browser, and you will lose the benefits of this browser. Unfortunately, I can't find other browser that does the same thing. What I'm looking for is a simple application, before send or receiving any value from the web server asks the user to confirm that data that will send or will receive, not more then that. So, If any one know some software or IE plug-in or client proxy that will help me on this, please send it. Thanks. ------------------------------------------------------------------------- Sponsored by: WatchfireWatchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. Change the way you think about application security testing - See for yourself. Download a Free Trial of AppScan 6.0 today!https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF --------------------------------------------------------------------------
-- Gareth Davies - BS7799 LA, OPST Manager - Security Practice Network Security Solutions MSC Sdn. Bhd. Suite E-07-21, Block E, Plaza Mont' Kiara, No. 2 Jalan Kiara, Mont’ Kiara, 50480Kuala Lumpur, Malaysia Phone: +603-6203 5303 or +603-6203 5920
www.mynetsec.com ------------------------------------------------------------------------- This List Sponsored by: SPI DynamicsALERT: "How A Hacker Launches A Web Application Attack!" Step-by-Step - SPI Dynamics White Paper Learn how to defend against Web Application Attacks with real-world examples of recent hacking methods such as: SQL Injection, Cross Site Scripting and Parameter Manipulation
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl --------------------------------------------------------------------------
Current thread:
- Web Browser For Penetration Test nimdA (Apr 09)
- Re: Web Browser For Penetration Test pagvac (Apr 09)
- Re: Web Browser For Penetration Test Sven Vetsch (Apr 09)
- RE: Web Browser For Penetration Test Hamed Tajabadi (Apr 09)
- RE: Web Browser For Penetration Test Hamed Tajabadi (Apr 09)
- Re: Web Browser For Penetration Test Justin Clarke (Apr 10)
- RE: Web Browser For Penetration Test Richard M. Smith (Apr 10)
- Re: Web Browser For Penetration Test Tim Brown (Apr 10)
- Re: Web Browser For Penetration Test Gareth Davies (Apr 12)
- <Possible follow-ups>
- Re: Web Browser For Penetration Test ROB DIXON (Apr 10)
- RE: Web Browser For Penetration Test Anthony Cicalla (Apr 10)
- RE: Web Browser For Penetration Test Evans, Arian (Apr 10)