|
|
Penetration Testing
Help on TCP interception tool Dec 09 2010 01:27PM Vedantam Sekhar (vedantamsekhar gmail com) (4 replies) Re: Help on TCP interception tool Dec 10 2010 11:05AM Adrien JOLIBERT (jolibert gmail com) (1 replies) Re: Help on TCP interception tool Dec 11 2010 07:48AM Srikanth kovuri (tosrikanthkr gmail com) (1 replies) Re: Help on TCP interception tool Feb 05 2011 10:13AM Erik Hjelmvik (erik hjelmvik gmail com) (1 replies) RE: Help on TCP interception tool Dec 10 2010 10:53AM Demetris Papapetrou (dpapapetrou internalaudit gov cy) |
|
Privacy Statement |
> The open source variant of Paros hasnt been updated for many years.
> However the OWASP Zed Attack Proxy
> is a fork of Paros and is under active development.
> See http://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
> for more details.
Its nice to see they are working on this again (instead of the original
paros which vanished behind a paywall) but it is still using self signed
certs that expired in 2002. I am looking more at webscarab
(http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project)
although recently IE has had issues with its certificate spoofing (it
uses the exact same public key for its fake CA as for the issued cert;
this saves coding, but IE is doing something stupid with that and
believing its a self-signed cert instead of looking up the CA cert in
its keystore.)
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
[ reply ]