[OWASP-Raleigh, NC] WebScarabNG question.

Fred Williams Fred.Williams at sas.com
Wed Jun 3 15:09:54 EDT 2009

Cool - I didn't know about Burp.   I just need a proxy server.

From: Michael Menefee [mailto:mmenefee at gmail.com]
Sent: Wednesday, June 03, 2009 3:08 PM
To: Steve Pinkham
Cc: Fred Williams; owasp-raleigh at lists.owasp.org
Subject: Re: [OWASP-Raleigh, NC] WebScarabNG question.

Agreed, Burpsuite is a little more prime-time. For those interested, here's the link to Burp


FYI, It's a proxy server (with many bells and whistles) useful when testing the security of your web apps

Thanks, Steve.


Steve Pinkham wrote:

Fred Williams wrote:

I"ve been trying to download a copy of the new version of WebScarab NG but I can't find the download anywhere behind the link provided on the OWASP site.  Anybody have any luck?


As far as I know, right now you have to pull it from git and build it

with maven.  This seems to be by design, as it's not really ready for

prime time.

I have a repo I build every once and a while to test, and then promptly

go back to burp. ;-)

Webscarab NG is still very bare-bones.

If you really have trouble building it and can't bare not trying it

right now, I can probably be persuaded to post a build, but it's really

not anything special at the moment.


Michael S. Menefee, CISSP (#43728)
Principal Consultant, WireHead Security
North Carolina OWASP Chapter Leader
Phone: (919) 863-4373
Cell: (919) 271-8883
Fax: (919) 882-8044
Email: mmenefee at wireheadsecurity.com<mailto:mmenefee at wireheadsecurity.com>
Website: www.wireheadsecurity.com<http://www.wireheadsecurity.com/>

More information about the Owasp-raleigh mailing list