8f89989223
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@330 4033779f-a91e-0410-96ef-6bf7bf53c507
36 lines
1.7 KiB
HTML
36 lines
1.7 KiB
HTML
|
|
<!-- Start Instructions -->
|
|
<h1>Useful Tools</h1>
|
|
<p>
|
|
Here we want to present you some useful tools. You will need WebScarab
|
|
to solve most of the lessons. </p>
|
|
<h2>WebScarab:</h2>
|
|
<p>
|
|
As WebGoat, WebScarab is a part of OWASP.
|
|
WebScarab is a framework for analysing applications that
|
|
communicate using the HTTP and HTTPS protocols. Because WebScarab
|
|
operates as an intercepting proxy, we can review and modify requests
|
|
and responses.<br><br>
|
|
<img src="/WebGoat/images/introduction/webscarab.jpg"><br><br>
|
|
Webpage:<a href="http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project">http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project</a>
|
|
</p>
|
|
<h2>Firebug:</h2>
|
|
<p>
|
|
Firebug is an add-on for the Firefox browser. We can use it to inspect, edit and monitor CSS, HTML and JavaScript.<br><br>
|
|
<img src="/WebGoat/images/introduction/firebug.jpg"><br><br>
|
|
Webpage:<a href="http://www.getfirebug.com" target="_blank">http://www.getfirebug.com</a>
|
|
<br><br>
|
|
<b>IEWatch:</b><br><br>
|
|
IEWatch is a tool to analyse HTTP and HTML for users of the Internet Explorer.<br><br>
|
|
<img src="/WebGoat/images/introduction/iewatch.jpg"><br><br>
|
|
Webpage:<a href="http://www.iewatch.com" target="_blank">http://www.iewatch.com</a>
|
|
</p>
|
|
<h2>Scanner:</h2>
|
|
<p>
|
|
There exist a lot of vulnerability scanner for your own web applications. They can find XSS, Injection Flaws and other vulnerabilities. Here the links to two open source scanner. <br><br>
|
|
Nessus:<a href="http://www.nessus.org" target="_blank">http://www.nessus.org</a><br>
|
|
Paros:<a href="http://www.parosproxy.org" target="_blank">http://www.parosproxy.org</a><br>
|
|
</p>
|
|
<!-- Stop Instructions -->
|
|
<br>
|