The folks at Google have released their own proprietary web application assessment proxy. The tool is called ratproxy and was authored by Michal Zalewski.

From Google Code:

Ratproxy is a semi-automated, largely passive web application security audit tool. It is meant to complement active crawlers and manual proxies more commonly used for this task, and is optimized specifically for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments.

This tool falls into the same family as Burp and Paros, as examples. It will apparently run on Linux, FreeBSD, Mac OS X and Windows if you have Cygwin loaded. Check it out.

Article Link

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.