websecurity@lists.webappsec.org

The Web Security Mailing List


WATOBO 0.9.8 Pre-Release available

Andreas Schmidt
Wed, Apr 11, 2012 9:59 PM

Hi everybody,

I want to announce that a Pre-Release of WATOBO 0.9.8 is now available
as a ruby gem.

WATOBO is intended to enable security professionals to perform
semi-automated web application security audits.

Here's a brief summary of its features:

  • Session Management; Login scripts, logout recognition, automated relogin
  • One-Time-Token support; for testing CSRF protected functions
  • NTLM-Authentication for servers and proxies
  • Active security checks: SQLi, XSS, LFI, DirWalker, HTTP-Methods,
    JBoss, SAP, ...
  • Passive checks/filters: Cookie-Options, Login-Encryption, DOMXSS, ...
  • Plugins: SSLChecker, FileFinder and Catalog-Scanner
  • Fuzzer: fuzz engine, e.g. for username enumeration or collecting cookies
  • Manual Request Editor: customize and send requests
  • Differ: diffing request/response pairs

More information as well as (new) video tutorials are available at
http://watobo.sourceforge.net

If you find a bug, have a feature request or simply want to tell some
success stories please send a mail to watobo@siberas.de.

Thanks for your contribution,
andy
