Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Paros v3.1.3 (proxy plus scanner) is now available!

From: <contact () proofsecure com>
Date: 28 Aug 2004 14:02:12 -0000


Paros v3.1.3 is now available at http://www.proofsecure.com/download.htm

[Brief Introduction]
Paros is a man-in-the-middle proxy and application vulnerability scanner. It allows users to intercept, modify and 
debug HTTP and HTTPS data on-the-fly between web server and client browser. It also supports client-certificate, 
proxy-chaining, filtering and various vulnerability scanning.

[License]
- Clarified Artistic License (open source and GPL-compatible license)

[New features]
- Allow to run the scanner on a paticular request shown in the lower URL list (select the request on the URL list, 
right-click and choose 'Scan Selected Node/Item')

- Allow to re-send a paticular request shown in the lower URL list (select the request on the URL list, right-click and 
choose 'Re-send'). Check the correctness of the information such as the port before sending it out. 

- Allow to craft a request by clicking the menu "Tools" => "Send HTTP(S) Requests"

- In the filter DetectUnsafeContent, add new IE vulnerability check, and improve ms-its checks and speed of other 
checks .

[Bug Fixes]
- Fix a problem in handling the wildcard '*' when using IP addresses like a.b.* for bypassing the proxy

[Remarks]
A few nice guys has kindly sent us some modified code to enhance the Paros proxy.  However, as we are too busy with 
some other stuffs currently, we don't have time to review the code and integrate it in Paros for this release. Really 
sorry about that.


Queries, bug reports and comments on Paros can be sent to paros () proofsecure com

by ProofSecure.com

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: