https://www.telerik.com/download/fiddler
Mallory: Transparent TCP and UDP Proxy Intrepidus Group - Insight Mallory: Transparent TCP and UDP Proxy Welcome to the home of Mallory! Mallory is a transparent TCP and UDP proxy. It can be used to get at those hard to intercept network streams, assess those tricky mobile web applications, or maybe just pull a prank on your friend. You are probably here to get Mallory up and running. FREE Website Monitoring & Monitoring Software from Monitor.Us Here's what our monitoring tools can do for IT Consultants, ISPs, ISVs, Web Developers and Web Designers Imagine how much you could grow your business if you weren't chained to your desk. Monitor.Us makes this possible. Because Monitor.Us is Cloud-based it not only lets you keep an eagle eye on everything, from anywhere; it also takes complex set-ups, installs, updates, reinstalls and server monitoring... and drops them from a very large height. So you can spend your time growing your business rather than simply managing it.
Web Application Security Testing Cheat Sheet This cheat sheet provides a checklist of tasks to be performed during blackbox security testing of a web application. This checklist is intended to be used as an aide memoire for experienced pentesters and should be used in conjunction with the OWASP Testing Guide. It will be updated as the Testing Guide v4 is progressed.
OWASP WebScarab NG Project Main Welcome to the WebScarab (Next Generation) Project WebScarab-NG logo WebScarab-NG is a complete rewrite of the old WebScarab application, with a special focus on making the application more user-friendly. To this end, WebScarab-NG makes use of the Spring Rich Client Platform to provide the user interface features.
Page Detailer Page Detailer provides instrumentation and visualization of the performance of web page downloads, showing decomposition of the web page into its component parts (e.g., HTML, GIFs, Applets) and the activities involved in retrieving them. By understanding the retrieval schedule for Web page components, page designers can dramatically improve performance by reorganizing content. By decomposing response time, site architects can understand how to tune their servers and/or configure their applications to provide optimum performance. Page Detailer relies heavily on IBM Research's patented Web Detailer (aka ETE: End-to-End performance monitoring, US#06108700) technology developed in Hawthorne to provide instrumentation of browsers and other HTTP-based applications and to correlate discrete events into a hierarchy of timelines. Page Detailer has been used extensively in customer engagements and is currently available for purchase as part of the WebSphereTM Studio v3.5.
HTTP Monitor / HTTP Proxy / HTTPS & SSL Proxy / Reverse Proxy Watcher: Web security testing tool and passive vulnerability scanner by Chris Weber, co-founder at Casaba Security, contact me through CodePlex, or email me at casaba .com. Frequently Asked Questions:Answers to common questions are on the FAQ page. Contents DownloadBackgroundPrior WorkReviewsUser Interface and ReportingInstallationConfiguration and UsageCompliance with OWASPChecks and how they workCreating and Contributing Checks Downloading Watcher
Wbox HTTP testing tool HTTP testing tool Wbox aims to help you having fun while testing HTTP related stuff. You can use it to perform many tasks, including the following. Benchmarking how much time it takes to generate content for your web application.Web server and web application stressing.Testing virtual domains configuration without the need to alter your local resolver.Check if your redirects are working correctly emitting the right HTTP code.Test if the HTTP compression is working and if it is actually serving pages faster.Use it as a configuration-less HTTP server to share files! (see the server mode documentation at the end of the Wbox tutorial in this page, but it's as simple as % wbox servermode webroot /tmp) Wbox is free software under the BSD license and was written in ANSI C (POSIX runtime required) by Salvatore 'antirez' Sanfilippo.
reDuh - HTTP Tunneling Proxy Authors: Haroon Meer, Marco Slaviero, Glenn Wilkonson (reDuhClient && JSP), Gert Burger (PHP), Ian de Villiers (ASPX)Cost: FreeSource Code: GitHubVersion : 0.3License : GPLRelease Date : 2008/07/29Recent Changes : Fixed issues with PHP version and older versions of PHP reDuh was released as part of SensePost's BlackHat USA 2008 talk on tunnelling data in and out of networks. reDuh is actually a tool that can be used to create a TCP circuit through validly formed HTTP requests. Essentially this means that if we can upload a JSP/PHP/ASP page on a server, we can connect to hosts behind that server trivially. While the original documentation made heavy use of bad ASCII art we had to have prettier pics for the .ppt so here you go:
SiteTimer About SiteTimer Web Monitor allows you to monitor how long it takes for a user to download one or more of your web site pages. It visits the page that your request and downloads all content that's directly linked from that page; Images Frames IFrames Script files It follows redirects As the pages are downloaded, SiteTimer stores statistics on how long time each item takes to download, and how much data they contained. This information is then presented in a grid. Attack and Defense Labs - Tools Ravan is a JavaScript Distributed Computing system that uses HTML5 WebWorkers to perform brute force attacks on salted hashes in background JavaScript threads across a farm of workers. Salted and plain versions of the following hashing algorithms are currently supported: MD5 SHA1 SHA256 SHA512 Try it online Description JS-Recon a HTML5 based JavaScript Network Reconnaissance tool. It uses HTML5 features like CrossOriginRequests and WebSockets to perform network and port scanning from the browser. Current functionality:
Web Page Analyzer - free website optimization tool website speed test check website performance report from web site optimization Free Website Performance Tool and Web Page Speed Analysis Try our free web site speed test to improve website performance. Enter a URL below to calculate page size, composition, and download time. The script calculates the size of individual elements and sums up each type of web page component. Based on these page characteristics the script then offers advice on how to improve page load time. The script incorporates the latest best practices from Website Optimization Secrets, web page size guidelines and trends, and web site optimization techniques into its recommendations.
Burp Suite Tutorial Repeater and Comparer Tools Security Ninja Hi everyone, I was very happy to see that a lot of people liked the Burp Suite Tutorial (Intruder Tool) blog post last week. I plan to publish more tutorials for the Burp Suite and this week I will be covering the Repeater and Comparer tools.