This is cache of http://feeds.feedburner.com/~r/Liquidmatrix/~3/324867361/. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.
Google Open Sources Web Assessment Tool
2008-07-02 12:51:09 by Dave Lewis in Liquidmatrix Security Digest
 

The folks at Google have released their own proprietary web application assessment proxy. The tool is called ratproxy and was authored by Michal Zalewski.

From Google Code:

Ratproxy is a semi-automated, largely passive web application security audit tool. It is meant to complement active crawlers and manual proxies more commonly used for this task, and is optimized specifically for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments.

This tool falls into the same family as Burp and Paros, as examples. It will apparently run on Linux, FreeBSD, Mac OS X and Windows if you have Cygwin loaded. Check it out.

Article Link

 
Tags: google, tool, tool falls, complement active crawlers, design patterns based, google code, ratproxy, article link, michal zalewski
 
 
 
 
 
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia