int2e blog

lcamtuf, from the Google Security team, just released ratproxy! It’s a web proxy that will automatically generate reports of potential XSS, XSRF, XSSI, charset, content type, and caching issues that it sees. Ratproxy is not only free, but also open source. I’ve had the pleasure of using it for the past few months and it’s definitely sped up my web security assessments.

Here’s a pretty screenshot of it in action:

Download ratproxy and try it out!

This entry was posted on Wednesday, July 2nd, 2008 at 3:54 am and is filed under Security, Web 2.0. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.