[Full-disclosure] CAT Version 1 Released - Web App Testing Tool
- To: "full-disclosure@xxxxxxxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxxxxxxx>, "webappsec@xxxxxxxxxxxxxxxxx" <webappsec@xxxxxxxxxxxxxxxxx>, "websecurity@xxxxxxxxxxxxx" <websecurity@xxxxxxxxxxxxx>, "owasp-all@xxxxxxxxxxxxxxx" <owasp-all@xxxxxxxxxxxxxxx>
- Subject: [Full-disclosure] CAT Version 1 Released - Web App Testing Tool
- From: Context IS - Disclosure <disclosure@xxxxxxxxxxxxxxx>
- Date: Thu, 4 Aug 2011 01:45:16 +0100
Context App Tool (CAT) Version 1 has been released.
http://cat.contextis.com
CAT is a tool for manual web application penetration testing and includes the
following features:
- Request Repeater – Used for repeating a single request
- Proxy – Classic Inline proxy
- Fuzzer – Allows for a batch of tests to be sent to a server for brute
forcing, parameter fuzzing, forced browsing etc.
- Log – View a list of requests to sort, search, repeat etc. Allows for
a sequence of requests to be repeated and modified.
- Authentication Checker – Two synchronised proxies which can be used
to check authentication and authorisation controls.
- SSL Checker – Request a specific page with various SSL ciphers and
versions.
- Notepad – A text/RTF editor which can be used as a scratch pad for
conversions etc.
- Web Browser – An integrated web browser with proxy pre-configured
based on Internet Explorer's rendering engine.
- Addons – Freely accessible API/SDK to extend CAT with additional
functionality.
Some highlights of CAT:
- CAT uses Internet Explorer's rendering engine for accurate HTML
representation
- It supports many different types of text conversions including: URL,
Base64, Hex, Unicode, HTML/XML, SQL and JavaScript no quotes
- It offers integrated SQL Injection and XSS Detection
- Advanced Authentication and Authorisation using Synchronised Browsing
- Silverlight WCF Support
- Faster performance due to HTTP connection caching
- SSL Version and Cipher checker using OpenSSL
- Greater flexibility for importing/exporting logs and saving projects
- Tabbed Interface allowing for multiple tools at once e.g. multiple
repeaters and different logs
- The ability to repeat and modify a sequence of requests
(particularly useful in SSO testing)
- Ability to extend CAT using Addons with publicly available
documentation and sample code
- MONO Support for Linux and OSX (Currently in Beta).
- Scriptable fuzz cases.
- It is totally free!