Re: Web Application Penetration Testing Tools

• Previous message: MARTIN M. Bénoni: "Re: Wireless Pent-Test"
• Maybe in reply to: Brian E: "Web Application Penetration Testing Tools"
• Next in thread: Faiz Ahmad Shuja: "RE: Web Application Penetration Testing Tools"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 10 Oct 2003 20:29:13 -0000
To: pen-test@securityfocus.com

Try Richard van den Berg's modifications to HtmlBar. It's a DLL for IExplore that allows you to view and manipulate forms variables (including hidden ones). Not sure about cookies, but it looks pretty cool.
http://www.vdberg.org/~richard/htmlbar.html

Andy

>This simple application allows me to browse a web application and easily see links, form elements, cookies, a log of actual commands being sent back and forth and more. The ability to manipulate cookies and form elements makes it very useful.
>
>Unfortunately, it's support as a web browser is limited so I can't test all web applications (such as embeded scripts and frames).
>
>Does anyone know of some other good tools for auditing web applications with the ability to manipulate form data and cookies before being sent to the server?
>
>Preferably, I'm looking for something based on Windows that is browser based (as opposed to proxy based) but am still open to all platforms and methods.

---------------------------------------------------------------------------
Tired of constantly searching the web for the latest exploits?
Tired of using 300 different tools to do one job?
Get CORE IMPACT and get some rest.
www.coresecurity.com/promos/sf_ept2
----------------------------------------------------------------------------

• Previous message: MARTIN M. Bénoni: "Re: Wireless Pent-Test"
• Maybe in reply to: Brian E: "Web Application Penetration Testing Tools"
• Next in thread: Faiz Ahmad Shuja: "RE: Web Application Penetration Testing Tools"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: rewire the server room? ... Ps. its 'normal' for support people to shoot first and then ask what happened after the engineers put out the fire again. ... As attacks through web applications continue to rise, ... Download FREE whitepaper on how a managed service can ... (Pen-Test) Re: Windows Mail on Vista asks for POP3 server name and outgoing SMTP server? ... tell it to scan it...preview and manipulate ... Only one of my clients has a multifunction machine...and ... from their "Brother Ask Us by email" support and they assert that they ... (microsoft.public.windows.server.sbs) Re: IntraWeb in D8 ... If I have to convince them to move their web applications to the ASP ... The original request was ... in point' will never want to support the .NET framework anyway. ... (borland.public.delphi.non-technical) Web Application Penetration Testing Tools ... This simple application allows me to browse a web application and easily see links, form elements, cookies, a log of actual commands being sent back and forth and more. ... it's support as a web browser is limited so I can't test all web applications. ... (Pen-Test) Re: History of French ... Linguists have more data to manipulate and distort to support their pet ... (sci.lang)