Web应用安全审计工具:WATOBO
jopen
11年前
WATOBO是一个Web应用程序工具箱,它是一个旨在帮助专业安全人员执行高效率的(半自动)Web应用程序安全审计的工具。它类似于一个本地代理,在运行中分析网络通信寻找有用的信息和漏洞。它还具备自动扫描功能。能扫描SQL注入,跨站脚本和更多安全问题。
特性:
</header>- WATOBO has Session Management capabilities! You can define login scripts as well as logout signatures. So you don’t have to login manually each time you get logged out.
- WATOB can act as an transparent proxy
- WATOBO has anti-CSRF features
- WATOBO can perform vulnerability checks out of the box.
- WATOBO supports Inline De-/Encoding, so you don’t have to copy strings to a transcoder and back again. Just do it inside the request/response window with a simple mouse click.
- WATOBO has smart filter functions, so you can find and navigate to the most interesting parts of the application easily.
- WATOBO is written in (FX)Ruby and enables you to easiely define your own checks
- WATOBO is free software ( licensed under the GNU General Public License Version 2)
- It’s by siberas ;)