[WEB SECURITY] WATOBO 0.9.6 released

Andreas Schmidt webappsec at siberas.de
Thu Feb 24 05:23:17 EST 2011


Hi everybody,
 
we want to announce that we just released version 0.9.6 of WATOBO - The
Web Application Toolbox (http://watobo.sourceforge.net).
WATOBO is intended to enable security professionals to perform highly
efficient (semi-automated) web application security audits.

-- NEW --
* General: Supports One-Time-Tokens (e.g. Anti-CSRF-Tokens)
* General: NTLM Authentication (Server and Proxy)
* New Plugin: FileFinder
* GUI: switch the icon and text size for lower screen resolution
* Manual Request Editor: Table-View for easier parameter manipulation

-- CONTRIBUTIONS -- :))
Many thanks to Hans-Martin Muench who contributed two active-check modules!
* modstatus.rb: Check for status page created by mod_status
* crossdomain.rb: Check for crossdomain.xml weaknesses

!! NOTE !!
Due to the import fix you can't import older WATOBO sessions!

-- Documentation --
Watch the video tutorials on our project page for further information
<http://sourceforge.net/apps/mediawiki/watobo/index.php?title=Videos>.

There's an almost complete documentation with also very good lessons on
aldeid <http://www.aldeid.com/index.php/Watobo>  - thanks Sebastien!

We hope you find WATOBO useful!

If you find a bug, have a feature request or simply want to tell some
success stories please send a mail to watobo at siberas.de.

Regards,

Andy




More information about the websecurity mailing list