Google freely released its personal Web Application Security Scanner – ratproxy
Google freely released its personal tool for checking security issues of web applications as an open source tool.Ratproxy is the name of the devil that is released under an Apache 2.0 software license.Google says “Ratproxy is a semi-automated, largely passive web application security audit tool. It is meant to complement active crawlers and manual proxies more commonly used for this task, and is optimized specifically for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments“
The ratproxy analyzes following problems
- Cross-site script inclusion threats
- Insufficient cross-site request forgery defenses
- Caching issues, cross-site scripting candidates
- Unsafe cross-domain code inclusion schemes
- Information leakage scenarios
- Content serving problems
- Insufficient XSRF and XSS defenses
- HTTP and META redirector’s
- Suspected or confirmed XSS / data injection vectors
Supported OS : Ratproxy is currently believed to support Linux, FreeBSD, MacOS X, and Windows (Cygwin) environments.
Read Ratproxy Doc to know how to run?, how it works? and much more
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackbackfrom your own site.
Subscribe to our FREE Rss Feed
What's Hot
Similar Interesting Posts
- Monster.com hit by personal data attack
- What is Multilingual Domains
- Release Candidate Ubuntu 9.04 Available For Download
- HTML Injection
- How to redirect wordpress.com blog to self hosted domain
- [important] Before buying a domain
- Google SEO Tips With Webmaster Tools
- .Net languages run on Linux device/platforms that Mono supports ?
- Free Dns services
- Google Talk:Login as Multiple Users
- The XSS Vulnerability
- HTML Code Spy 1.50
- Once Again Get Free AVG LinkScanner Security Suite
- Webmaster guidelines for better search rankings and to avoid Google ban
- Give your computer a name (broadcasting from Dynamic IP)
Tutorials On
July 6th, 2008 at 3:33 pm
hi ur blog is cool i am having a blog related to hacking and tech http://www.crackohack.blogspot.com its having page rank-3 if ur int in link exchange plzz mail me itzmeprakashm@gmil.com
or reply in my blog
July 7th, 2008 at 10:26 am
@Prakash
Sure Bro!!
July 8th, 2008 at 10:18 am
I posted about installing/building Ratproxy in a Windows/Cygwin environment. Hope it is helpful.
http://butterdev.com/web-security/2008/07/google-ratproxy-web-application-security-audit-tool/
December 11th, 2009 at 5:16 am
Interesting post, i really enjoyed it =D http://wtfxup.net chance memory
December 11th, 2009 at 5:16 am
Interesting post, i really enjoyed it =D http://wtfxup.net free education