Penetration Testing mailing list archives

Re: HTTP Proxy for thick clients

From: "rajat swarup" <rajats () gmail com>
Date: Wed, 29 Aug 2007 12:30:14 -0700

On 8/27/07, Huan Chi <ktriv3di () msn com> wrote:


I am testing a .NET thick client application using web services. I am
looking for an HTTP/TCP Proxy tool like PAROS / BURP which I can use to see
the change the traffic. The application does not have a way to set proxy
setting so I cannot use paros / burp and then do proxy chaining. Also,
everything on the tunnel is SSL, so ethereal is not much help

Also, any good tools to edit XML / SOAP traffic

Thanks for suggesstions in advance


Try using Echo Mirage.  It's a free software and works on DLL hooking concept.

HTH,
-- 
Rajat Swarup

http://rajatswarup.blogspot.com/

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

Re: XSS interrogations, (continued)
- Re: XSS interrogations Paul Sebastian Ziegler (Aug 22)
- Re: XSS interrogations Jon Xmas (Aug 23)
  - HTTP Proxy for thick clients Huan Chi (Aug 28)
    - Re: [WEB SECURITY] HTTP Proxy for thick clients haroon meer (Aug 28)
    - Re: [WEB SECURITY] HTTP Proxy for thick clients Huan Chi (Aug 28)
    - Re: [WEB SECURITY] HTTP Proxy for thick clients haroon meer (Aug 28)
    - RE: [WEB SECURITY] HTTP Proxy for thick clients Ofer Shezaf (Aug 28)
    - Re: [WEB SECURITY] HTTP Proxy for thick clients bugtraq (Aug 28)
    - Re: [WEB SECURITY] HTTP Proxy for thick clients charlie derr (Aug 28)
    - Re: HTTP Proxy for thick clients Jeffory Atkinson (Aug 28)
    - Re: HTTP Proxy for thick clients rajat swarup (Aug 29)