Hi everybody,
I want to announce that a Pre-Release of WATOBO 0.9.8 is now available
as a ruby gem.
WATOBO is intended to enable security professionals to perform
semi-automated web application security audits.
Here's a brief summary of its features:
- Session Management; Login scripts, logout recognition, automated relogin
- One-Time-Token support; for testing CSRF protected functions
- NTLM-Authentication for servers and proxies
- Active security checks: SQLi, XSS, LFI, DirWalker, HTTP-Methods,
JBoss, SAP, ...
- Passive checks/filters: Cookie-Options, Login-Encryption, DOMXSS, ...
- Plugins: SSLChecker, FileFinder and Catalog-Scanner
- Fuzzer: fuzz engine, e.g. for username enumeration or collecting cookies
- Manual Request Editor: customize and send requests
- Differ: diffing request/response pairs
More informationen as well as (new) video tutorials are available at
http://watobo.sourceforge.net
If you find a bug, have a feature request or simply want to tell some
success stories please send a mail to watobo@siberas.de.
Thanks for your contribution,
andy
Hi everybody,
I want to announce that a Pre-Release of WATOBO 0.9.8 is now available
as a ruby gem.
WATOBO is intended to enable security professionals to perform
semi-automated web application security audits.
Here's a brief summary of its features:
- Session Management; Login scripts, logout recognition, automated relogin
- One-Time-Token support; for testing CSRF protected functions
- NTLM-Authentication for servers and proxies
- Active security checks: SQLi, XSS, LFI, DirWalker, HTTP-Methods,
JBoss, SAP, ...
- Passive checks/filters: Cookie-Options, Login-Encryption, DOMXSS, ...
- Plugins: SSLChecker, FileFinder and Catalog-Scanner
- Fuzzer: fuzz engine, e.g. for username enumeration or collecting cookies
- Manual Request Editor: customize and send requests
- Differ: diffing request/response pairs
More informationen as well as (new) video tutorials are available at
http://watobo.sourceforge.net
If you find a bug, have a feature request or simply want to tell some
success stories please send a mail to watobo@siberas.de.
Thanks for your contribution,
andy