Web Security Testing Tools
Watcher version 1.1.0 is now available for download from Microsoft’s repository of open-source projects. Microsoft is not the author of Watcher, but it recommends the tool through its online hotspot dedicated to the Security Development Lifecycle. Put together by Casaba Security, Watcher is a plug-in designed to extend the Fiddler proxy, a tool developed by Eric Lawrence, IE program manager. The plug-in complements Lawrence’s web debugging proxy by closely monitoring and analyzing HTTP traffic.
“Watcher is a plug-in for Eric Lawrence’s Fiddler proxy aimed at helping developers and testers find security issues in their web-apps fast and effortlessly. Because it works passively at runtime, you have to drive it by opening a browser and cruising through your web-app as an end user. For the developer, the tool can provide a quick sanity check, so you can find problems and hot-spots that warrant further attention. In the hands of a pen-tester it can assist in finding issues that lead to other attacks like XSS and CSRF,” revealed Chris Weber of Casaba Security.




