[WEB SECURITY] Burp proxy v1.3beta released

PortSwigger mail at portswigger.net
Wed Aug 3 17:09:01 EDT 2005 

Burp proxy v1.3beta is now available at http://portswigger.net/proxy/

Burp proxy is an interactive HTTP/S proxy server for attacking 
and debugging web-enabled applications. It operates as a 
man-in-the-middle between the end browser and the target Web 
server, and allows the user to intercept, inspect, and modify 
the raw traffic passing in both directions.


[New features in version 1.3]

- fine-grained rules governing interception of requests and responses, based 
on domain, IP address, protocol, HTTP method, URL, resource type, parameters, 
cookies, header/body content, response code, content type and HTML page 
title.
- regex-based search and highlight in all text panes.
- in addition to the text and hex views of intercepted messages, a tabular 
view is available to display and edit all request parameters (in the URL, 
message body and cookies).
- extensibility via the IBurpExtender interface, which allows arbitrary code 
to be dynamically loaded and receive full details of every request and 
response, to perform logging functions, modify the message, specify an action 
(intercept, drop, etc) and perform any other arbitrary processing.
- optional disk-based caching of server responses, which can be viewed 
in-browser (at http://burp/) or in-GUI by double-clicking on an item in the 
history table.
- HTML rendering of cached responses.
- quick toggle of interception mode in main intercept tab.
- facility to automatically toggle GET/POST request type, and correctly 
relocate parameters.
- facility to copy to clipboard single/all visited URLs by right-clicking a 
history table item.
- optional persistent preferences across program launches.
- correct handling of "HTTP 100 Continue" responses.
- logging of all X509 certificates encountered.

============================================
PortSwigger.net - web application hack tools
============================================

---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/

More information about the websecurity mailing list