[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#489278: ITP: ratproxy -- passive web application security assessment tool

Package: wnpp
Severity: wishlist
Owner: Patrick Schoenfeld <schoenfeld@in-medias-res.com>

* Package name    : ratproxy
  Version         : 1.51
  Upstream Author : Michal Zalewski <lcamtuf@google.com>
                    (Copyright:  2007, 2008 by Google)
* URL             : http://code.google.com/p/ratproxy/
* License         : Apache License, Version 2.0
  Programming Lang: C
  Description     : passive web application security assessment tool

A semi-automated, largely passive web application security audit tool,
optimized for an accurate and sensitive detection, and automatic
annotation, of potential problems and security-relevant design patterns
based on the observation of existing, user-initiated traffic in complex
web 2.0 environments.

Detects and prioritizes broad classes of security problems, such as
dynamic cross-site trust model considerations, script inclusion issues,
content serving problems, insufficient XSRF and XSS defenses, and much

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Reply to: