[Owasp-topten] A7 2013 - "Some proxies support this type of analysis"

Dave Wichers dave.wichers at owasp.org
Fri May 31 18:20:38 UTC 2013


I know that Burp Pro does. I'm not personally aware of any others that do.
I'm hesitant to add a comment about Burp Pro to the Top 10 since it's a
commercial tool.

 

If anyone knows of any others that do, commercial or otherwise, please let
us know.

 

-Dave

 

From: owasp-topten-bounces at lists.owasp.org
[mailto:owasp-topten-bounces at lists.owasp.org] On Behalf Of Ryan Dewhurst
Sent: Friday, May 31, 2013 11:09 AM
To: OWASP TopTen
Subject: [Owasp-topten] A7 2013 - "Some proxies support this type of
analysis"

 

Hi,

 

On "Top 10 2013-A7-Missing Function Level Access Control" under the "Am I
Vulnerable To 'Missing Function Level Access Control'?" section it states
"Some proxies support this type of analysis.". -
https://www.owasp.org/index.php/Top_10_2013-A7

 

Does anyone know which proxies support this kind of analysis? Burp, Zap,
others?

 

I ask out of personal curiosity but not sure if it is also worth adding
which proxies to that text.

 

Thanks,

Ryan

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-topten/attachments/20130531/6c0b04fa/attachment.html>


More information about the Owasp-topten mailing list