WATOBO- The Web Application Security Auditing Toolbox For XSS, LFI And SQL Injections
samedi 4 juillet 2015
Libellés :
Scripts
,
Security
,
tools
,
Tutorials
,
Website Security
~
WATOBO- The Web Application Security Auditing Toolbox
WATOBO is a security tool for testing web applications. It is intended to enable security professionals to perform efficient (semi-automated) web application security audits.
It is competent to the discovery of common vulnerabilities like (XSS, LFI, SQL injections etc) in web applications.
Most important features:
- WATOBO has Session Management capabilities! You can define login scripts as well as logout signatures. So you don’t have to login manually each time you get logged out.
- WATOBO can act as a transparent proxy (requires nfqueue)
- WATOBO can perform vulnerability checks out of the box
- WATOBO can perform checks on functions which are protected by Anti-CSRF-/One-Time-Tokens
- WATOBO supports Inline De-/Encoding, so you don’t have to copy strings to a transcoder and back again. Just do it inside the request/response window with a simple mouse click.
- WATOBO has smart filter functions, so you can find and navigate to the most interesting parts of the application easily.
- WATOBO is written in (FX)Ruby and enables you to easily define your own checks
- WATOBO runs on Windows, Linux, MacOS ... every OS supporting (FX)Ruby
- WATOBO is free software ( licensed under the GNU General Public License Version 2)
Installation on Windows
c:\> gem install watobo
This might take some time ...
To start watobo enter
c:\> watobo_gui
Installation on Kali Linux
WATOBO is included in the official Kali Linux repo. You can install it by
apt-get install watobo
0 commentaires :
Enregistrer un commentaire