[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1033061556.30393.160.camel@www.immunitysec.com>
From: dave at immunitysec.com (Dave Aitel)
Subject: SPIKE Proxy 1.3 Release Announcement~
Immunity, Inc. is proud to announce the release of SPIKE Proxy version
1.3. SPIKE Proxy is an award winning web application auditing tool that
can perform the following important checks for a web developer:
o SQL Injection
o Directory scanning
o File Scanning
o Crawling
o Overflows and format strings
In addition, SPIKE Proxy provides the application auditor or developer a
powerful form rewriting utility for manual analysis, and a complete data
store of all web analysis activity.
SPIKE Proxy is an Open Source (GPL) contribution to the community.
Download now from http://www.immunitysec.com/spike.html
Dave Aitel
Media and Public Relations
Immunity, Inc.
Changelog below is also available from
http://www.immunitysec.com/SPIKEPROXYCHANGELOG.txt
1.3
Sep 26, 2002
Crawling
o added form parser
o added rawparser for when SGML parser fails
o caught SGML parser failing exception nicely
o removed If- headers when crawling
o revitalized core logic to work better against various test pages
o don't forget that crawling MUST start from a page - so to initiate
it go to a page and then you'll see the crawl option
Core engine
o handles chunked responses much better
o handles all responses better in general - many fixes to spkproxy.py
If a page doesn't work now, I'd like to know about it
o Fixed servers that close sockets even if I have keep-alive on
o added deletion of headers to header API
UI
o Added stop-all-actions and start-actions to enable a user to stop a
runaway argscan or dirscan or overflow or crawl
To use this, just click on stop while the action is happening, and
then later click on start again to enable
automatic functionality
o Added dirscan - to use this go to the root of where you want to
start your scan
o file extention scan looks for file.bak, file~, etc
o directory scan looks for common directories. I have a long list
in words, and if this is
too long for you, replace words with shortwords and retry your
dirscan
o Added time to logging information, and extended logging information
fields to 1500.
o Slowed log page refresh to 25 seconds (you can always click refresh
to get it immediately)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20020926/a3537b8a/attachment.bin
Powered by blists - more mailing lists