ratproxy is a semi-automated, largely passive Web application security audit tool optimized for accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex Web 2.0 environments.
|Operating Systems||POSIX Linux BSD Windows Windows Cygwin Mac OS X|
Release Notes: Another round of minor tweaks to the connection handling logic to improve compatibility with certain Web servers.
Release Notes: This release adds new checks for Flash crossdomain.xml and Silverlight clientaccesspolicy.xml, and reverts HTTP/1.1 logic introduced in 1.55.
Release Notes: A minor change was made to always output HTTP/1.1 headers to avoid the activation of certain Web server heuristics.
Release Notes: A minor usability fix was made to HTTPS handling when communicating over CONNECT proxies.
Release Notes: This release makes minor improvements to XSRF token detection.