Ratproxy 1.53b released
Saturday 3 January 2009 (Keywords: Code Auditing, Framework, Ratproxy)
Ratproxy is a semi-automated, largely passive web application security audit tool, optimized for accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments. It detects and prioritizes broad classes of security problems, such as dynamic cross-site trust model considerations, script inclusion issues, content serving problems, insufficient XSRF and XSS defenses, and much more.
Ratproxy is currently believed to support Linux, FreeBSD, MacOS X, and Windows (Cygwin) environments.
Tool submitted by Maximiliano Soler.
POSTSCRIPTUM
COMPLIANCE MANDATES
Code Auditing: PCI/DSS 6.3.6, 6.3.7, 6.6; SOX A12.8; GLBA 16CFR Part 314.4(b) and (2); FISMA RA-5, SC-18, SA-11, SI-2; and ISO 27001/27002 (12.4.1, 12.4.3, 12.5)







