lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1033061556.30393.160.camel@www.immunitysec.com>
From: dave at immunitysec.com (Dave Aitel)
Subject: SPIKE Proxy 1.3 Release Announcement~

Immunity, Inc. is proud to announce the release of SPIKE Proxy version
1.3. SPIKE Proxy is an award winning web application auditing tool that
can perform the following important checks for a web developer:
o SQL Injection
o Directory scanning
o File Scanning
o Crawling
o Overflows and format strings

In addition, SPIKE Proxy provides the application auditor or developer a
powerful form rewriting utility for manual analysis, and a complete data
store of all web analysis activity.

SPIKE Proxy is an Open Source (GPL) contribution to the community.

Download now from http://www.immunitysec.com/spike.html

Dave Aitel
Media and Public Relations
Immunity, Inc.


Changelog below is also available from
http://www.immunitysec.com/SPIKEPROXYCHANGELOG.txt
1.3
Sep 26, 2002
Crawling
   o added form parser
   o added rawparser for when SGML parser fails
   o caught SGML parser failing exception nicely
   o removed If- headers when crawling
   o revitalized core logic to work better against various test pages
   o don't forget that crawling MUST start from a page - so to initiate
     it go to a page and then you'll see the crawl option
Core engine
   o handles chunked responses much better
   o handles all responses better in general - many fixes to spkproxy.py
     If a page doesn't work now, I'd like to know about it
   o Fixed servers that close sockets even if I have keep-alive on
   o added deletion of headers to header API
UI
   o Added stop-all-actions and start-actions to enable a user to stop a
runaway argscan or dirscan or overflow or crawl
     To use this, just click on stop while the action is happening, and
then later click on start again to enable
     automatic functionality
   o Added dirscan - to use this go to the root of where you want to
start your scan
     o file extention scan looks for file.bak, file~, etc
     o directory scan looks for common directories. I have a long list
in words, and if this is
       too long for you, replace words with shortwords and retry your
dirscan
   o Added time to logging information, and extended logging information
fields to 1500.
   o Slowed log page refresh to 25 seconds (you can always click refresh
to get it immediately)


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20020926/a3537b8a/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ