Right now it has available SQL injection and XSS modules. Both modules are designed to catch as many vulnerabilities as they can, it’s that why the SQL Injection module is a Python port of the great “SQLibf“.
The process is very simple, ProxyStrike runs like a passive proxy listening in port 8008 by default, so you have to browse the desired web site setting your browser to use ProxyStrike as a proxy, and ProxyStrike will analyze all the paremeters in background mode. For the user is a passive proxy because you won’t see any different in the behaviour of the application, but in the background is very active.
- HTTP request/response history
- Request parameter stats
- Request parameter values stats
- Request URL parameter signing and header field signing
- Use of an alternate proxy (tor for example)
- SQL attacks
- XSS attacks
- Export results to HTML or XML
- Console version (python proxystrike.py -c / proxystrike.exe -c)
You can download ProxyStrike here:
Or read more here.
- american fuzzy lop – Security Oriented Fuzzing Tool
- KeeFarce – Extract KeePass Passwords (2.x) From Database
- 0d1n – Web HTTP Fuzzing Tool
- ProxyStrike v2.1 Released – Active Web Application Proxy Tool
- WATOBO – The Web Application Security Auditing Toolbox
- SPIKE Proxy – Application Level Security Assessment
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,940,348 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,277,337 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 659,216 views