If you're interested in a commercial solution, WebInspect
(http://www.spidynamics.com/download.html) meets all of your requirements
and actually does more than you're looking for, like scanning for known
vulnerabilities and other types of application issues. If you're looking
for the free/open-source route, you can work with Achilles, WebProxy,
Exodus, SPIKE, etc for app testing and nikto, nessus or whisker for known
issues.
Kevin Spett
SPI Labs
http://www.spidynamics.com/
----- Original Message -----
From: <ihanuska_at_mybox.cz>
To: <webappsec_at_securityfocus.com>
Sent: Monday, April 14, 2003 3:03 AM
Subject: Searching for the tool
Hallo everyone,
I am searching for the tool to test someone else's web application. Tool
should be able to work under NT/2000/XP client.
My intention is to test some SQL/script injections etc. I need something
where I can see raw html stream coming in and coming out of my web browser.
So I am searching something that will fit between NT TCP/IP stack and web
browser, or it will have own browser.
The tool has to be able to access also https sites.
Thank you for any advice!
Ivo Hanuska
-----
Zúčastněte se průzkumu o paušálech na dial-up Internet a ADSL pořádaný
projektem Internet pro všechny http://www.internetprovsechny.cz/demand.php .
Received on Apr 14 2003
Intro
