[Owasp-topten] A7 2013 - "Some proxies support this type of analysis"

Dave Wichers dave.wichers at owasp.org
Fri May 31 18:20:38 UTC 2013

I know that Burp Pro does. I'm not personally aware of any others that do.
I'm hesitant to add a comment about Burp Pro to the Top 10 since it's a
commercial tool.


If anyone knows of any others that do, commercial or otherwise, please let
us know.




From: owasp-topten-bounces at lists.owasp.org
[mailto:owasp-topten-bounces at lists.owasp.org] On Behalf Of Ryan Dewhurst
Sent: Friday, May 31, 2013 11:09 AM
To: OWASP TopTen
Subject: [Owasp-topten] A7 2013 - "Some proxies support this type of




On "Top 10 2013-A7-Missing Function Level Access Control" under the "Am I
Vulnerable To 'Missing Function Level Access Control'?" section it states
"Some proxies support this type of analysis.". -


Does anyone know which proxies support this kind of analysis? Burp, Zap,


I ask out of personal curiosity but not sure if it is also worth adding
which proxies to that text.




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-topten/attachments/20130531/6c0b04fa/attachment.html>

More information about the Owasp-topten mailing list