Paros Proxy 3.2.11 Released – MITM HTTP and HTTPS Proxy

The New Acunetix V12 Engine


Paros 3.2.11 has been released. This version is a maintenance release with a useful feature requested by various users. All users are recommended to upgrade to this version.

One of my favourite proxy options, along side the Burp Proxy (evolved into Burp Suite).

Paros labels itself as MITM Proxy + Spider + Scanner plus anything else you want it to be, it is a pretty neat piece of software.

It’s particularly useful for testing web applications and things such as insecure sessions.

Paros is free of charge and completely written in Java. Through Paros’s proxy nature, all HTTP and HTTPS data between server and client, including cookies and form fields, can be intercepted and modified.

A Java based HTTP/HTTPS proxy for assessing web application vulnerability. It supports editing/viewing HTTP messages on-the-fly. Other featuers include spiders, client certificate, proxy-chaining, intelligent scanning for XSS and SQL injections etc.

These proxies have a different purpose than those personal type proxies like Proxomitron which are intended to protect you, clean adverts, block spyware and so on. Proxies like Paros and Burp are meant for examining the security of applications and web application auditing.

You do need Java Run Time Enviroment (JRE) 1.4 (or above) to install Paros.

You can download the latest version of Paros Here.

3.2.11 Release Notes

Posted in: Hacking Tools, Web Hacking

, , , , , , , ,


Latest Posts:


SCADA Hacking - Industrial Systems Woefully Insecure SCADA Hacking – Industrial Systems Woefully Insecure
airgeddon - Wireless Security Auditing Script airgeddon – Wireless Security Auditing Script
Airgeddon is a Bash powered multi-use Wireless Security Auditing Script for Linux systems with an extremely extensive feature list.
Acunetix v12 - Pause & Resume Acunetix v12 – More Comprehensive More Accurate & 2x Faster
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix v12 - more comprehensive, accurate & 2x faster.
CloudFrunt - Identify Misconfigured CloudFront Domains CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions.
Airbash - Fully Automated WPA PSK Handshake Capture Script Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing, it is compatible with Bash and Android Shell.
XXEinjector - Automatic XXE Injection Tool For Exploitation XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is an XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications.


3 Responses to Paros Proxy 3.2.11 Released – MITM HTTP and HTTPS Proxy

  1. eddie May 8, 2006 at 2:17 pm #

    i need to get into my space frm schoool.

  2. eric May 12, 2006 at 1:54 pm #

    a proxy spider site that is not blocked

  3. min May 24, 2006 at 6:55 pm #

    i need to get in, and plus i need a proxy that can let me sign in as well cuz other proxys is like gay and annoymous so that i cant even sign in..so yea..