WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols. It is written in Java, and is thus portable to many platforms. WebScarab has several modes of operation, implemented by a number of plugins.
In its most common usage, WebScarab operates as an intercepting proxy, allowing the operator to review and modify requests created by the browser before they are sent to the server, and to review and modify responses returned from the server before they are received by the browser.
WebScarab is able to intercept both HTTP and HTTPS communication. The operator can also review the conversations (requests and responses) that have passed through WebScarab.
As WebScarab is a framework more than an actual tool it’s very extensible. Each feature above is implemented as a plugin, and can be removed or replaced. New features can be easily implemented as well.
There is a long list of current features.
The new version has a couple of bug fixes, a logo finally!
And a new memory utilisation widget that runs across the bottom (it does have some memory leaks).
Read more about WebScarab here.
You can download the new version here:
- Mimikatz – Gather Windows Credentials
- Dharma – Generation-based Context-free Grammar Fuzzing Tool
- Passgen – Random Character Generator For WPA/WPA2 Key Cracking
- OWASP Hatkit Proxy Project – HTTP/TCP Intercepting Proxy Tool
- Jarlsberg – Learn Web Application Exploits and Defenses
- Samurai Web Testing Framework – Web Application Security LiveCD
Most Read in Hacking Tools: