[OWASP-WEBSCARAB] Request for beta-testers: WebScarab
xxradar
xxradar at radarhack.com
Sun Jan 29 04:12:09 EST 2006
Hi all,
I've been playing around some time to use the PKCS#11 interface with the
latest version provided to test ..
Does anybody actually get the SSL part working or am I overlooking
something? I have Webscarab running on windowsXP and I configured IE to use
always the Webscarab proxy on 8008 (fro all protocols). Every time I try to
establish a SSL connection, Webscarab seems to reset the connections ?
Thanks for the help,
Philippe
-----Original Message-----
From: owasp-webscarab-admin at lists.sourceforge.net
[mailto:owasp-webscarab-admin at lists.sourceforge.net] On Behalf Of Rogan
Dawes
Sent: Monday, January 23, 2006 2:57 PM
To: OWASP WebScarab; webappsec at securityfocus.com
Subject: [OWASP-WEBSCARAB] Request for beta-testers: WebScarab
Hi folks
There is a test-release version of WebScarab available on my personal
web site.
<http://dawes.za.net/rogan/webscarab/webscarab-one-20060123-0815.jar>
Interesting new features in this version are:
* Comprehensive support for authentication, both Proxy and WWW,
including Basic Auth, NTLM, and Negotiate (not Kerberos, though)
* Revised client certificate management, supporting multiple client
certificates, and easy selection of which certificate to use.
* A new plugin contributed by Meder Kydyraliev, which enables WebScarab
to check if any of the retrieved pages exist with a backup extension
such as .bak, ~, etc, and if any folders exist as zipped, arjed, tarred,
etc archives, which may enable the tester to download the entire site.
* WebScarab is distributed using a new packaging technique, replacing
the "-selfcontained" distribution with a "one-jar" version that can
simply be run by double-clicking. It is a better solution that avoids
some of the resource conflicts generated by ProGuard that users have
reported in the past.
At this point, this is not intended to be an official release. I am
making this announcement to solicit testers for feedback on the new
features.
Depending on the feedback received, I will make a formal release through
sourceforge in a few days time.
On a slightly different note, the CVS repository at SourceForge will
become more and more outdated. I have moved to a git source control
repository which can be browsed at http://dawes.za.net/gitweb.cgi, or
cloned from http://dawes.za.net/webscarab.git/
Feedback welcome, but please unobfuscate my email address before
replying. It is lists AT dawes.za.net.
Regards,
Rogan
-------------------------------------------------------------------------
This List Sponsored by: Watchfire
Watchfire's AppScan is the industry's first and leading web application
security testing suite, and the only solution to provide comprehensive
remediation tasks at every level of the application. See for yourself.
Download AppScan 6.0 today.
https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
--------------------------------------------------------------------------
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Owasp-webscarab mailing list
Owasp-webscarab at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/owasp-webscarab
--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.375 / Virus Database: 267.14.22/239 - Release Date: 1/24/2006
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.375 / Virus Database: 267.14.23/243 - Release Date: 1/27/2006
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.375 / Virus Database: 267.14.23/243 - Release Date: 1/27/2006
More information about the Owasp-webscarab
mailing list