Home page logo

webappsec logo WebApp Sec mailing list archives

PortSwigger.net - web application hack tools
From: Mads Rasmussen <mads () opencs com br>
Date: Tue, 15 Jun 2004 11:40:16 -0300

I haven't seen these tools mentioned on the list, all free for download

Please bear with me if these are wellknown, anyone have experience to share?


_Burp intruder_ is a tool to facilitate automated attacks against web-enabled applications. It uses a powerful engine to generate malicious HTTP requests using a template and a set of attack vectors. Burp intruder is highly configurable, and can be used to identify and exploit unusual vulnerabilities in bespoke application functionality.

_Burp spider_ is a tool for enumerating web-enabled applications. It uses various intelligent techniques to generate a comprehensive inventory of an application's content and functionality, avoiding the time-consuming and unreliable task of manually following links, submitting forms and scouring HTML source code.

_Burp proxy_ is an interactive HTTP/S proxy server for attacking and debugging web-enabled applications. It operates as a man-in-the-middle between the end browser and the target web server, and allows the user to intercept, inspect and modify the raw traffic passing in both directions.

_Sock_ is a simple tool for manually attacking web-enabled applications. It allows a single HTTP/S request to be manipulated and re-issued repeatedly from the same window. Each response can be viewed as plain text or rendered as a web page, and can be searched for keywords.

Mads Rasmussen, M.Sc.
Open Communications Security
+55 11 3345 2525

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]