|
Penetration Testing
mailing list archives
Re: Web Application Penetration Testing Tools
From: <balinsky () cisco com>
Date: 10 Oct 2003 20:29:13 -0000
In-Reply-To: <20031008012450.29598.qmail () sf-www3-symnsj securityfocus com>
Try Richard van den Berg's modifications to HtmlBar. It's a DLL for IExplore that allows you to view and manipulate
forms variables (including hidden ones). Not sure about cookies, but it looks pretty cool.
http://www.vdberg.org/~richard/htmlbar.html
Andy
This simple application allows me to browse a web application and easily see links, form elements, cookies, a log of
actual commands being sent back and forth and more. The ability to manipulate cookies and form elements makes it very
useful.
Unfortunately, it's support as a web browser is limited so I can't test all web applications (such as embeded scripts
and frames).
Does anyone know of some other good tools for auditing web applications with the ability to manipulate form data and
cookies before being sent to the server?
Preferably, I'm looking for something based on Windows that is browser based (as opposed to proxy based) but am still
open to all platforms and methods.
---------------------------------------------------------------------------
Tired of constantly searching the web for the latest exploits?
Tired of using 300 different tools to do one job?
Get CORE IMPACT and get some rest.
www.coresecurity.com/promos/sf_ept2
----------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
- RE: Web Application Penetration Testing Tools, (continued)
|
Intro
