f487-AppScan_Tools.zip (7071 K)
.Net Framework ¼³Ä¡ ÇÊ¿ä
--------------------------------------
1. About Watchfire (R) PowerTools (TM)
--------------------------------------
Watchfire (R) PowerTools (TM) include the following utilities:
1) HTTP Proxy - An HTTP intercepting proxy which allows users to stop, edit and submit requests and responses between the client and the server. It includes the ability to write automated scripts in JavaScript using the utility API. This enables users to manipulate requests/responses automatically on the fly. Watchfire HTTP Proxy also includes logging facilities for debugging of HTTP communications.
2) Connection Test - An HTTP pinging utility which helps website developers and auditors to test the connection between a client and a web server. Unlike the command PING, which uses the ICMP protocol (that is sometimes blocked by firewalls), Watchfire Connection Test uses the HTTP protocol to communicate with the website.
3) HTTP Request Editor ?An HTTP request editor that enables users to create specific HTTP requests and send them to a website. The editing can be done either on the raw request, or by viewing the request in a "parsed" mode. The response to the request can be viewed either raw, or in an embedded browser.
4) Expression Test - A tool for testing regular expression patterns on a given text.
5) Encode/Decode - A utility that transforms text strings into several encoding methods, such as URL Encoding, Base64, 3DES, MD5, SHA1, HTML entities and Overlong UTF-8.
6) Web Services Explorer - A tool that lets you examine the different methods incorporated in the web service, manipulate input data and examine feedback.
7) Token Analyzer - This tool provides various tests for your web application session tokens to determine how secure your application is against session theft. These tests, based on mathematical algorithms, reveal the strengths and weaknesses of your session tokens.
8) Authentication Tester - A brute-force-like testing utility that detects weak username-password combinations that could be used to gain access to your web application.
|