[TOOL] Ecyware GreenBlue Inspector - Integrated Web Analyzer Environment
From: SecuriTeam (support_at_securiteam.com)
Date: 11/14/05
To: list@securiteam.com Date: 14 Nov 2005 16:14:07 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
Ecyware GreenBlue Inspector - Integrated Web Analyzer Environment
------------------------------------------------------------------------
SUMMARY
DETAILS
Ecyware GreenBlue Inspector is an integrated web analyzer environment that
offers multiple ways to test your web applications. You can analyze on
the run or record a session for deeper analysis coverage.
How does it work:
Ecyware GreenBlue Inspector uses an integrated web browser control that
works just like a browser. Just navigate through your web applications and
collect information such as headers, cookies and form data. There are always
two requests made, one by the web browser control and another by GreenBlue
Inspector. This allows GreenBlue Inspector to build a navigation path
when you use the Session Recording option.
Using the Session Recording option, you can record and save sessions and
apply web unit tests, so you can check how your web application responds
to input.
After each Session Run, you can display reports that show you what
possible vulnerabilities or non-validated data need to be reviewed by your
developers. You can also manipulate headers, cookies or form data by
request, and the advanced text editor allows you to inspect your HTML code
for any hidden information that can be found in web applications.
You can test the following checks using Ecyware GreenBlue Inspector, as
defined in the OWASP Web Application Penetration Check List:
* Application DOS
* Access Control
* Authentication
* User
* Session Management
* Configuration Management
* Infrastructure
* Application
* Error Handling
* Data Protection
* Transport
* Input Validation
* SQL Injection
* OS
* LDAP
* XSS
* Output Sanitization
* Buffer Overflow
Technology:
Ecyware GreenBlue Inspector is 100% .NET Managed Code and is made for
users that need a friendly user interface for checking and analyzing web
applications.
To download the tool: http://www.ecyware.com/Releases/GBOS.rar
ADDITIONAL INFORMATION
The information has been provided by rogelioc <mailto:rogelioc@ecyware.com>.
To keep updated with the tool visit the project's homepage at:
http://www.ecyware.com