Paros v3.1.3 (proxy plus scanner) is now available!

contact_at_proofsecure.com
Date: 08/28/04

  • Next message: Tomas Sedlak: "Re: tcp port 999"
    Date: 28 Aug 2004 14:02:12 -0000
    To: pen-test@securityfocus.com
    
    
    ('binary' encoding is not supported, stored as-is)

    Paros v3.1.3 is now available at http://www.proofsecure.com/download.htm

    [Brief Introduction]
    Paros is a man-in-the-middle proxy and application vulnerability scanner. It allows users to intercept, modify and debug HTTP and HTTPS data on-the-fly between web server and client browser. It also supports client-certificate, proxy-chaining, filtering and various vulnerability scanning.

    [License]
    - Clarified Artistic License (open source and GPL-compatible license)

    [New features]
    - Allow to run the scanner on a paticular request shown in the lower URL list (select the request on the URL list, right-click and choose 'Scan Selected Node/Item')

    - Allow to re-send a paticular request shown in the lower URL list (select the request on the URL list, right-click and choose 'Re-send'). Check the correctness of the information such as the port before sending it out.

    - Allow to craft a request by clicking the menu "Tools" => "Send HTTP(S) Requests"

    - In the filter DetectUnsafeContent, add new IE vulnerability check, and improve ms-its checks and speed of other checks .

    [Bug Fixes]
    - Fix a problem in handling the wildcard '*' when using IP addresses like a.b.* for bypassing the proxy

    [Remarks]
    A few nice guys has kindly sent us some modified code to enhance the Paros proxy. However, as we are too busy with some other stuffs currently, we don't have time to review the code and integrate it in Paros for this release. Really sorry about that.

    Queries, bug reports and comments on Paros can be sent to paros@proofsecure.com

    by ProofSecure.com

    ------------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. All of our class sizes are
    guaranteed to be 12 students or less to facilitate one-on-one interaction
    with one of our expert instructors. Check out our Advanced Hacking course,
    learn to write exploits and attack security infrastructure. Attend a course
    taught by an expert instructor with years of in-the-field pen testing
    experience in our state of the art hacking lab. Master the skills of an
    Ethical Hacker to better assess the security of your organization.

    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    -------------------------------------------------------------------------------


  • Next message: Tomas Sedlak: "Re: tcp port 999"