WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols. It is written in Java, and is thus portable to many platforms. WebScarab has several modes of operation, implemented by a number of plugins.
In its most common usage, WebScarab operates as an intercepting proxy, allowing the operator to review and modify requests created by the browser before they are sent to the server, and to review and modify responses returned from the server before they are received by the browser.
WebScarab is able to intercept both HTTP and HTTPS communication. The operator can also review the conversations (requests and responses) that have passed through WebScarab.
As WebScarab is a framework more than an actual tool it’s very extensible. Each feature above is implemented as a plugin, and can be removed or replaced. New features can be easily implemented as well.
There is a long list of current features.
The new version has a couple of bug fixes, a logo finally!
And a new memory utilisation widget that runs across the bottom (it does have some memory leaks).
Read more about WebScarab here.
You can download the new version here:
- dirs3arch – HTTP File & Directory Brute Forcing Tool
- ODAT (Oracle Database Attacking Tool) – Test Oracle Database Security
- SHODAN – Expose Online Devices (Wind Turbines, Power Plants & More!)
- OWASP Hatkit Proxy Project – HTTP/TCP Intercepting Proxy Tool
- Jarlsberg – Learn Web Application Exploits and Defenses
- Samurai Web Testing Framework – Web Application Security LiveCD
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,857,705 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,043,374 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 619,162 views