Paros v3.1.1 released
('binary' encoding is not supported, stored as-is)
Paros v3.1.1 is now available at http://www.proofsecure.com/download.htm
[Brief Introduction]
Paros is a man-in-the-middle proxy and application vulnerability scanner. It allows users to intercept and modify HTTP and HTTPS data on-the-fly between web server and client browser. It also supports client-certificate, proxy-chaining, filtering and various vulnerability scanning.
[License]
- Clarified Artistic License (open source and GPL-compatible license)
[New feature]
- add URL encoder/decoder in "Tools|Hash/Encoding..."
- improve performance in reading HTTP header
- add a 'Comment' panel in Log Analyzer to show comments
- add a 'Script' panel in Log Analyzer to show scripts
- add two filters 'ReplaceRequestHeader' and 'ReplaceRequestBody' to replace text in HTTP requests
- rename cookietampering to CRLFInjection to better describe the scanner test case
[Fix]
- solved a bug that SQL scanner checks may use the tampered/modified query string for scanning
- solved a bug that the report may be generated before the last scan thread ends.
- modified 'CookieDetectFilter' filter to handle mutiple Set-Cookie lines in header.
Queries, bug reports and comments on Paros can be sent to
paros@proofsecure.com
by ProofSecure.com
---------------------------------------------------------------------------
You're a pen tester, but is google.com still your R&D team?
Now you can get trustworthy commercial-grade exploits and the latest
techniques from a world-class research group.
www.coresecurity.com/promos/sf_ept1
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7
: Sat Apr 12 2008 - 10:53:51 EDT