Full Disclosure mailing list archives
CAT Version 1 Released - Web App Testing Tool
From: Context IS - Disclosure <disclosure () contextis co uk>
Date: Thu, 4 Aug 2011 01:45:16 +0100
Context App Tool (CAT) Version 1 has been released. http://cat.contextis.com CAT is a tool for manual web application penetration testing and includes the following features: - Request Repeater – Used for repeating a single request - Proxy – Classic Inline proxy - Fuzzer – Allows for batch of tests to be sent to a server for brute forcing, parameter fuzzing, forced browsing etc. - Log – View a list of requests to sort, search repeat etc. Allows for a sequence of requests to be repeated and modified. - Authentication Checker – Two synchronised proxies which can be used to check authentication and authorisation controls. - SSL Checker – Request a specific page with various SSL ciphers and versions. - Notepad – A text/RTF editor which can be used as a scratch pad for conversions etc. - Web Browser – An integrated web browser with proxy pre-configured based on the Internet Explorer's rendering engine. - Addons – Freely accessible API/SDK to extend CAT with additional functionality. Some highlights of CAT: - CAT uses Internet Explorer's rendering engine for accurate HTML representation - It supports many different types of text conversions including: URL, Base64, Hex, Unicode, HTML/XML, SQL and JavaScript no quotes - It offers integrated SQL Injection and XSS Detection - Advanced Authentication and Authorisation using Synchronised Browsing - Silverlight WCF Support - Faster performance due to HTTP connection caching - SSL Version and Cipher checker using OpenSSL - Greater flexibility for importing/exporting logs and saving projects - Tabbed Interface allowing for multiple tools at once e.g. multiple repeaters and different logs - The ability to repeat and modify a sequence of requests (particularly useful in SSO testing) - Ability to extend CAT using Addons with publicly available documentation and sample code - MONO Support for Linux and OSX (Currently in Beta). - Scriptable fuzz cases. - It is totally free! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- CAT Version 1 Released - Web App Testing Tool Context IS - Disclosure (Aug 04)
- Re: CAT Version 1 Released - Web App Testing Tool -= Glowing Sex =- (Aug 04)
- Re: CAT Version 1 Released - Web App Testing Tool Valdis . Kletnieks (Aug 04)
- Re: CAT Version 1 Released - Web App Testing Tool Context IS - Disclosure (Aug 09)
- Re: [WEB SECURITY] CAT Version 1 Released - Web App Testing Tool Andre Gironda (Aug 10)
- Re: CAT Version 1 Released - Web App Testing Tool Context IS - Disclosure (Aug 09)