<!-- Start Instructions -->
<h1>Useful Tools</h1>
<p>
Here we want to present you some useful tools. You will need WebScarab 
to solve most of the lessons. </p>
<h2>WebScarab:</h2>
<p>
As WebGoat, WebScarab is a part of OWASP. 
WebScarab is a framework for analysing applications that 
communicate using the HTTP and HTTPS protocols. Because WebScarab 
operates as an intercepting proxy, we can review and modify requests 
and responses.<br><br>
<img src="/WebGoat/images/introduction/webscarab.jpg"><br><br>
Webpage:<a href="http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project">http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project</a>
</p>
<h2>Firebug:</h2>
<p>
Firebug is an add-on for the Firefox browser. We can use it to inspect, edit and monitor CSS, HTML and JavaScript.<br><br>
<img src="/WebGoat/images/introduction/firebug.jpg"><br><br>
Webpage:<a href="http://www.getfirebug.com" target="_blank">http://www.getfirebug.com</a>
<br><br>
<b>IEWatch:</b><br><br>
IEWatch is a tool to analyse HTTP and HTML for users of the Internet Explorer.<br><br>
<img src="/WebGoat/images/introduction/iewatch.jpg"><br><br>
Webpage:<a href="http://www.iewatch.com" target="_blank">http://www.iewatch.com</a>
</p>
<h2>Scanner:</h2>
<p>
There exist a lot of vulnerability scanner for your own web applications. They can find XSS, Injection Flaws and other vulnerabilities. Here the links to two open source scanner. <br><br>
Nessus:<a href="http://www.nessus.org" target="_blank">http://www.nessus.org</a><br>
Paros:<a href="http://www.parosproxy.org" target="_blank">http://www.parosproxy.org</a><br>
</p>
<!-- Stop Instructions -->
<br>