[OWASP-TESTING] Suru Web Application Assessment Proxy

Roelof Temmingh roelof at sensepost.com
Wed Aug 23 07:30:15 EDT 2006

Hi there,

Putting this out there because I think it could be interesting for a lot
of you that's doing web application testing on a regular basis. Try it and
see if it's going to work for you.

BlackHat 2006 Vegas presentation (Suru component) at

Your feedback always more than welcome.


<blatant product rant>
Suru is a web application proxy that combines the best features of Wikto
and Crowbar as well as a very capable MiTM proxy. It understands XML and
Multi Part POSTS, which is good for thick clients using web services. Also
supports SSL - in the standard mitm configuration. Does file/directory
recon and works nicely with fuzzing parameters and grouping responses,
session saving, listening on all interfaces etc. etc. etc..Runs on .NET.

14 days eval, $200 to buy for life, no limitations, (and free
documentation ;)) at


</blatant product rant>

More information about the Owasp-testing mailing list