[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[WEB SECURITY] ProxyStrike - Active Web Application Proxy

--Apple-Mail-11-1052689415
Content-Type: text/plain;
	charset=US-ASCII;
	format=flowed;
	delsp=yes
Content-Transfer-Encoding: 7bit

Hi everyone,  we have released a new tool:

ProxyStrike is an active Web Application Proxy, is a tool designed to  
find vulnerabilities while browsing an application. It was created  
because the problems we faced in the pentests of web applications that  
heavily depends on Javascript, not many web scanners did it good at  
this stage, so we came with this proxy.

Right now it has available Sql injection and XSS modules.

Features:

Http request/response history
Request parameter stats
Request parameter values stats
Request url parameter signing and header field signing
Use of an alternate proxy (tor for example ;D )
Sql attacks
Xss attacks
Export results to HTML or XML
Console version (python proxystrike.py -c / proxystrike.exe -c)

Check it at:  http://www.edge-security.com/proxystrike.php

You can choose a win32 or a *nix version.

Regards,

Christian Martorella
Edge-security team
--Apple-Mail-11-1052689415
Content-Type: text/html;
	charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

<html><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; =
-webkit-line-break: after-white-space; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" style=3D"color: =
rgb(51, 51, 51); font-family: Verdana; line-height: 18px; ">Hi everyone, =
&nbsp;we have released a new tool:&nbsp;</span><div><font =
class=3D"Apple-style-span" color=3D"#333333" face=3D"Verdana"><span =
class=3D"Apple-style-span" style=3D"line-height: 18px; =
"><br></span></font></div><div><span class=3D"Apple-style-span" =
style=3D"color: rgb(51, 51, 51); font-family: Verdana; line-height: =
18px; ">ProxyStrike is an active Web Application Proxy, is a tool =
designed to find vulnerabilities while browsing an application. It was =
created because the problems we faced in the pentests of web =
applications that heavily depends on Javascript, not many web scanners =
did it good at this stage, so we came with this =
proxy.</span></div><div><span class=3D"Apple-style-span" style=3D"color: =
rgb(51, 51, 51); font-family: Verdana; line-height: 18px; "><br>Right =
now it has available Sql injection and XSS modules.</span><div><font =
class=3D"Apple-style-span" color=3D"#333333" face=3D"Verdana"><span =
class=3D"Apple-style-span" style=3D"line-height: 18px; =
"><br></span></font></div><div><font class=3D"Apple-style-span" =
color=3D"#333333" face=3D"Verdana"><span class=3D"Apple-style-span" =
style=3D"line-height: 18px; "><p style=3D"padding-top: 0px; =
padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: =
0px; margin-right: 0px; margin-bottom: 1em; margin-left: 0px; =
"><b>Features:</b></p><ul style=3D"list-style-type: none; =
list-style-position: initial; list-style-image: initial; margin-top: =
1em; margin-right: 0px; margin-bottom: 1em; margin-left: 0px; =
padding-left: 24px; "><li style=3D"padding-top: 0px; padding-right: 0px; =
padding-bottom: 4px; padding-left: 12px; line-height: 1.4em; =
background-image: url(http://www.edge-security.com/img/or-bullet.gif); =
background-repeat: no-repeat; background-attachment: initial; =
-webkit-background-clip: initial; -webkit-background-origin: initial; =
background-color: initial; background-position: 0px 5px; ">Http =
request/response history</li><li style=3D"padding-top: 0px; =
padding-right: 0px; padding-bottom: 4px; padding-left: 12px; =
line-height: 1.4em; background-image: =
url(http://www.edge-security.com/img/or-bullet.gif); background-repeat: =
no-repeat; background-attachment: initial; -webkit-background-clip: =
initial; -webkit-background-origin: initial; background-color: initial; =
background-position: 0px 5px; ">Request parameter stats</li><li =
style=3D"padding-top: 0px; padding-right: 0px; padding-bottom: 4px; =
padding-left: 12px; line-height: 1.4em; background-image: =
url(http://www.edge-security.com/img/or-bullet.gif); background-repeat: =
no-repeat; background-attachment: initial; -webkit-background-clip: =
initial; -webkit-background-origin: initial; background-color: initial; =
background-position: 0px 5px; ">Request parameter values stats</li><li =
style=3D"padding-top: 0px; padding-right: 0px; padding-bottom: 4px; =
padding-left: 12px; line-height: 1.4em; background-image: =
url(http://www.edge-security.com/img/or-bullet.gif); background-repeat: =
no-repeat; background-attachment: initial; -webkit-background-clip: =
initial; -webkit-background-origin: initial; background-color: initial; =
background-position: 0px 5px; ">Request url parameter signing and header =
field signing</li><li style=3D"padding-top: 0px; padding-right: 0px; =
padding-bottom: 4px; padding-left: 12px; line-height: 1.4em; =
background-image: url(http://www.edge-security.com/img/or-bullet.gif); =
background-repeat: no-repeat; background-attachment: initial; =
-webkit-background-clip: initial; -webkit-background-origin: initial; =
background-color: initial; background-position: 0px 5px; ">Use of an =
alternate proxy (tor for example ;D )</li><li style=3D"padding-top: 0px; =
padding-right: 0px; padding-bottom: 4px; padding-left: 12px; =
line-height: 1.4em; background-image: =
url(http://www.edge-security.com/img/or-bullet.gif); background-repeat: =
no-repeat; background-attachment: initial; -webkit-background-clip: =
initial; -webkit-background-origin: initial; background-color: initial; =
background-position: 0px 5px; ">Sql attacks</li><li style=3D"padding-top: =
0px; padding-right: 0px; padding-bottom: 4px; padding-left: 12px; =
line-height: 1.4em; background-image: =
url(http://www.edge-security.com/img/or-bullet.gif); background-repeat: =
no-repeat; background-attachment: initial; -webkit-background-clip: =
initial; -webkit-background-origin: initial; background-color: initial; =
background-position: 0px 5px; ">Xss attacks</li><li style=3D"padding-top: =
0px; padding-right: 0px; padding-bottom: 4px; padding-left: 12px; =
line-height: 1.4em; background-image: =
url(http://www.edge-security.com/img/or-bullet.gif); background-repeat: =
no-repeat; background-attachment: initial; -webkit-background-clip: =
initial; -webkit-background-origin: initial; background-color: initial; =
background-position: 0px 5px; ">Export results to HTML or XML</li><li =
style=3D"padding-top: 0px; padding-right: 0px; padding-bottom: 4px; =
padding-left: 12px; line-height: 1.4em; background-image: =
url(http://www.edge-security.com/img/or-bullet.gif); background-repeat: =
no-repeat; background-attachment: initial; -webkit-background-clip: =
initial; -webkit-background-origin: initial; background-color: initial; =
background-position: 0px 5px; ">Console version (python proxystrike.py =
-c / proxystrike.exe -c)</li></ul><div><br></div><div><span =
class=3D"Apple-style-span" style=3D"line-height: 16px; ">Check it at: =
&nbsp;<a =
href=3D"http://www.edge-security.com/proxystrike.php";>http://www.edge-secu=
rity.com/proxystrike.php</a></span></div><div><span =
class=3D"Apple-style-span" style=3D"line-height: 16px; =
"><br></span></div><div><span class=3D"Apple-style-span" =
style=3D"line-height: 16px; "><span class=3D"Apple-style-span" =
style=3D"line-height: 18px; "><div><span class=3D"Apple-style-span" =
style=3D"line-height: 16px; ">You can choose a win32 or a *nix =
version.</span></div><div><span class=3D"Apple-style-span" =
style=3D"line-height: 16px; =
"><br></span></div></span></span></div><div><span =
class=3D"Apple-style-span" style=3D"line-height: 16px; =
">Regards,</span></div><div><br></div><div><span =
class=3D"Apple-style-span" style=3D"line-height: 16px; ">Christian =
Martorella</span></div><div><span class=3D"Apple-style-span" =
style=3D"line-height: 16px;">Edge-security =
team</span></div></span></font></div></div></div></body></html>=

--Apple-Mail-11-1052689415--
Brought to you by http://www.webappsec.org
Search this site