websecurity@lists.webappsec.org

The Web Security Mailing List

WATOBO 0.9.6 released

Andreas Schmidt
Thu, Feb 24, 2011 10:23 AM

Hi everybody,

we want to announce that we just released version 0.9.6 of WATOBO - The
Web Application Toolbox (http://watobo.sourceforge.net).
WATOBO is intended to enable security professionals to perform highly
efficient (semi-automated) web application security audits.

-- NEW --

  • General: Supports One-Time-Tokens (e.g. Anti-CSRF-Tokens)
  • General: NTLM Authentication (Server and Proxy)
  • New Plugin: FileFinder
  • GUI: switch the icon and text size for lower screen resolution
  • Manual Request Editor: Table-View for easier parameter manipulation

-- CONTRIBUTIONS -- :))
Many thanks to Hans-Martin Muench who contributed two active-check modules!

  • modstatus.rb: Check for status page created by mod_status
  • crossdomain.rb: Check for crossdomain.xml weaknesses

!! NOTE !!
Due to the import fix you can't import older WATOBO sessions!

-- Documentation --
Watch the video tutorials on our project page for further information
http://sourceforge.net/apps/mediawiki/watobo/index.php?title=Videos.

There's an almost complete documentation with also very good lessons on
aldeid http://www.aldeid.com/index.php/Watobo  - thanks Sebastien!

We hope you find WATOBO useful!

If you find a bug, have a feature request or simply want to tell some
success stories please send a mail to watobo@siberas.de.

Regards,

Andy

Andreas Schmidt
Sun, Jul 1, 2012 11:18 AM

Hi everybody,

I've just pushed the first pre-release of WATOBO 0.9.9.pre1 to rubygems.org.

= WATOBO - The Web Application ToolBox
WATOBO is intended to enable security professionals to perform highly
efficient (semi-automated) web application security audits.

More details are available here:
http://sourceforge.net/apps/mediawiki/watobo/index.php

== NEW

  • Time-based SQL injection module
  • XSS module which gives a more accurate exploitability result
  • ConversationTable: values in column Parameters are url-decoded
  • Added a WebCrawler Plugin based on Mechanize
  • Manual Request Editor: Url is displayed in the window title

= Pre-Release Installation =
To get the pre-release of a gem you need to set the --pre switch.
Type the following command after you followed the general installation
instructions to get the latest release:

gem install watobo --pre

= General Installation
== Windows
Simply follow the instructions on the project page:
http://sourceforge.net/apps/mediawiki/watobo/index.php?title=Main_Page#Installation

== BackTrack 5R2
On BackTrack you need to install additional gems. I wrote a little
installer script which can be found here:
http://siberas.blogspot.de/2012/06/installing-watobo-on-backtrack-5r2.html

If you find a bug, have a feature request or simply want to tell some
success stories please send a mail to watobo@siberas.de.

Thanks for your contribution!

Regards,

Andy
