Full Disclosure mailing list archives

Re: CAT Version 1 Released - Web App Testing Tool


From: "-= Glowing Sex =-" <doomxd () gmail com>
Date: Thu, 4 Aug 2011 20:43:40 +1000

Very nice to see, and a very resourceful website, thanks! This is a very nice
tool for those who have problems with Linux, and it seems to run OK. I am
playing with the SDK atm, but the only thing I dislike is .NET code, but I
assume with time, and for such a great first rls, this tool can go far :-)
Very good to see, thx!
xd



On 4 August 2011 10:45, Context IS - Disclosure
<disclosure () contextis co uk> wrote:

Context App Tool (CAT) Version 1 has been released.
http://cat.contextis.com

CAT is a tool for manual web application penetration testing and includes
the following features:
- Request Repeater – Used for repeating a single request
- Proxy – Classic inline proxy
- Fuzzer – Allows for a batch of tests to be sent to a server for
  brute forcing, parameter fuzzing, forced browsing etc.
- Log – View a list of requests to sort, search, repeat etc. Allows
  for a sequence of requests to be repeated and modified.
- Authentication Checker – Two synchronised proxies which can be
  used to check authentication and authorisation controls.
- SSL Checker – Request a specific page with various SSL ciphers
  and versions.
- Notepad – A text/RTF editor which can be used as a scratch pad
  for conversions etc.
- Web Browser – An integrated web browser with proxy
  pre-configured, based on Internet Explorer's rendering engine.
- Addons – Freely accessible API/SDK to extend CAT with additional
  functionality.

Some highlights of CAT:
- CAT uses Internet Explorer's rendering engine for accurate HTML
  representation
- It supports many different types of text conversions including:
  URL, Base64, Hex, Unicode, HTML/XML, SQL and JavaScript no quotes
- It offers integrated SQL Injection and XSS Detection
- Advanced Authentication and Authorisation using Synchronised
  Browsing
- Silverlight WCF Support
- Faster performance due to HTTP connection caching
- SSL Version and Cipher checker using OpenSSL
- Greater flexibility for importing/exporting logs and saving
  projects
- Tabbed Interface allowing for multiple tools at once e.g.
  multiple repeaters and different logs
- The ability to repeat and modify a sequence of requests
  (particularly useful in SSO testing)
- Ability to extend CAT using Addons with publicly available
  documentation and sample code
- MONO Support for Linux and OSX (Currently in Beta).
- Scriptable fuzz cases.
- It is totally free!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
