WebScarab - a security test tool for web applications
Written by meena on July 31, 2006 – 1:44 pmSometimes when creating performance testing scripts, you will stumble upon vulnerabilities in the application under test.
Maybe you will miss a value you should have correlated before sending to the server, and when you go back and check your script you will find that (hypothetically) the web store is allowing you to purchase every item in their inventory for $9.95.
WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
WebScarab is designed to be a tool for anyone who needs to expose the workings of an HTTP(S) based application, whether to allow the developer to debug otherwise difficult problems, or to allow a security specialist to identify vulnerabilities in the way that the application has been designed or implemented.
You can download WebScarab from the OWASP Source Code Center at Sourceforge.
Source: MyLoadTest
technorati tags:Tools, Security, SQLInjection
Blogged with Flock
Posted in Performance Testing |
