Monday, July 7, 2008

ProxyStrike 2.0 - Active Web application proxy

ProxyStrike is an active web application proxy, a tool designed to find vulnerabilities while browsing an application. It was created because of the problems faced when pentesting web applications that depend heavily on JavaScript.

Features:

  • Request interceptor
  • Request diffing
  • Request repeater
  • Save/restore session
  • HTTP request/response history
  • Request parameter stats
  • Request parameter values stats
  • Request URL parameter signing and header field signing
  • Use of an alternate proxy (Tor for example ;D )
  • SQL attacks
  • XSS attacks
  • Attack logs
  • Export results to HTML or XML
  • Console version (python proxystrike.py -c / proxystrike.exe -c)

The process is very simple: ProxyStrike runs like a passive proxy, listening on port 8008 by default. You browse the desired web site with your browser set to use ProxyStrike as a proxy, and ProxyStrike analyzes all the parameters in the background.

Downloads:

Note: the Linux/OSX versions depend on the following packages:
  • PyQt4 - Sip - Qt4 (Only GUI version)
  • PyOpenSSL
  • PyCurl

Project website
