Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Re: Web Browser For Penetration Test

Re: Web Browser For Penetration Test

From: Gareth Davies <gareth.davies_at_mynetsec.com>
Date: Wed, 12 Apr 2006 13:07:59 +0800

I use Firefox with IEtab extension and Burp Suite.

http://www.portswigger.net/suite/

https://addons.mozilla.org/extensions/moreinfo.php?id=1419&application=firefox

WebScarab is good too.

Another option for Burp is Paros if you want some choice.

http://www.parosproxy.org/index.shtml

My favourite is definately Burp though.

nimdA wrote:
> Dear All
>
> I'm looking for web browser that help me in penetration testing of web
> applications, there are a lot of scanning tools, but I'm looking for a
> basic web browser which allow me to control all the data that send to
> or receive from the web server.
>
> There are some grate tools like minibrowser, but with complex
> application it did not work fine unless you use "Internet Explorer" as
> a browser, and you will lose the benefits of this browser.
>
> Unfortunately, I can't find other browser that does the same thing.
> What I'm looking for is a simple application, before send or receiving
> any value from the web server asks the user to confirm that data that
> will send or will receive, not more then that.
>
> So, If any one know some software or IE plug-in or client proxy that
> will help me on this, please send it.
>
> Thanks.
>
> -------------------------------------------------------------------------
> Sponsored by: Watchfire
>
> Watchfire's AppScan is the industry's first and leading web application
> security testing suite, and the only solution to provide comprehensive
> remediation tasks at every level of the application. Change the way you
> think about application security testing - See for yourself.
> Download a Free Trial of AppScan 6.0 today!
>
> https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF
> --------------------------------------------------------------------------
>
>
> 

-- 
Gareth Davies - BS7799 LA, OPST
Manager - Security Practice
Network Security Solutions MSC Sdn. Bhd.
Suite E-07-21, Block E, Plaza Mont' Kiara, No. 2 Jalan Kiara,
Mont’ Kiara, 50480
Kuala Lumpur, Malaysia 
Phone: +603-6203 5303 or +603-6203 5920
www.mynetsec.com
-------------------------------------------------------------------------
This List Sponsored by: SPI Dynamics
ALERT: "How A Hacker Launches A Web Application Attack!" 
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world 
examples of recent hacking methods such as: SQL Injection, Cross Site 
Scripting and Parameter Manipulation
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------
Received on Apr 12 2006
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos