Google released Ratproxy - a free Web application security scanner

Forum

Google released Ratproxy - a free Web application security scanner
Juha-Matti Laurio	Thursday, July 3, 2008 16 years ago • 2,612 views
"Google has released for free one of its internal tools used for testing the security of Web-based applications. Ratproxy, released [as beta] under an Apache 2.0 software license, looks for a variety of coding problems in Web applications, such as errors that could allow a cross-site scripting attack or cause caching problems. ....." http://www.pcworld.com/article/147917/google_gives_away_free_web_application_security_scanner.html And Google Online Security Blog's entry: http://googleonlinesecurity.blogspot.com/2008/07/meet-ratproxy-our-passive-web-security.html The tool: http://code.google.com/p/ratproxy
Roger Browne	16 years ago #
The documentation is here: http://code.google.com/p/ratproxy/wiki/RatproxyDoc One of the things it says is: "Key low-level check groups implemented by ratproxy [include] subtle mistakes such as serving GIF files as image/jpeg" Yet Philipp found YouTube serving animated GIFs as JPGs here: http://blogoscoped.com/archive/2008-07-01-n65.html So maybe YouTube hasn't started using this tool yet.
Juha-Matti Laurio	16 years ago #
Tnx for additional links

Blog | Forum more >> Archive | Feed | Google's blogs | About

This site unofficially covers Google™ and more with some rights reserved. Join our forum!