[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] CAT Version 1 Released - Web App Testing Tool
- To: Context IS - Disclosure <disclosure@xxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] CAT Version 1 Released - Web App Testing Tool
- From: "-= Glowing Sex =-" <doomxd@xxxxxxxxx>
- Date: Thu, 4 Aug 2011 20:43:40 +1000
Very nice to see, and very resourceful website, thanks! This is, a very nice
tool for those who have problems with Linux, and it seems to run Ok, i am
playing with the sdk atm but, only thing i dislike, is .net code,but i
assume with time, and, for such a great first rls, this tool can go far :-)
Very good to see,thx!
xd
On 4 August 2011 10:45, Context IS - Disclosure
<disclosure@xxxxxxxxxxxxxxx>wrote:
> Context App Tool (CAT) Version 1 has been released.
> http://cat.contextis.com
>
> CAT is a tool for manual web application penetration testing and includes
> the following features:
> - Request Repeater – Used for repeating a single request
> - Proxy – Classic Inline proxy
> - Fuzzer – Allows for batch of tests to be sent to a server for
> brute forcing, parameter fuzzing, forced browsing etc.
> - Log – View a list of requests to sort, search repeat etc. Allows
> for a sequence of requests to be repeated and modified.
> - Authentication Checker – Two synchronised proxies which can be
> used to check authentication and authorisation controls.
> - SSL Checker – Request a specific page with various SSL ciphers
> and versions.
> - Notepad – A text/RTF editor which can be used as a scratch pad
> for conversions etc.
> - Web Browser – An integrated web browser with proxy
> pre-configured based on the Internet Explorer's rendering engine.
> - Addons – Freely accessible API/SDK to extend CAT with additional
> functionality.
>
> Some highlights of CAT:
> - CAT uses Internet Explorer's rendering engine for accurate HTML
> representation
> - It supports many different types of text conversions including:
> URL, Base64, Hex, Unicode, HTML/XML, SQL and JavaScript no quotes
> - It offers integrated SQL Injection and XSS Detection
> - Advanced Authentication and Authorisation using Synchronised
> Browsing
> - Silverlight WCF Support
> - Faster performance due to HTTP connection caching
> - SSL Version and Cipher checker using OpenSSL
> - Greater flexibility for importing/exporting logs and saving
> projects
> - Tabbed Interface allowing for multiple tools at once e.g.
> multiple repeaters and different logs
> - The ability to repeat and modify a sequence of requests
> (particularly useful in SSO testing)
> - Ability to extend CAT using Addons with publicly available
> documentation and sample code
> - MONO Support for Linux and OSX (Currently in Beta).
> - Scriptable fuzz cases.
> - It is totally free!
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/