From: contact@parosproxy.org
Date: Sun Jun 12 2005 - 08:35:13 EDT
The new verison is available at http://www.parosproxy.org.
Queries, bug reports and comments on Paros can be sent to [contact at parosproxy org]. Please feel free to send any comments to us!
[Installation]
If you have installed the old version, you should uninstall it first.
The default installation used 96M VM. For large site testing, you may adjust it depending on your need
and the memory you have (eg 128M)
[Brief introduction]
Paros is a man-in-the-middle proxy and application vulnerability scanner. It allows
users to intercept, modify and debug HTTP and HTTPS data on-the-fly between web
server and client browser. It also supports spidering, proxy-chaining, filtering
and application vulnerability scanning.
[License] - Clarified Artistic License (open source and GPL-compatible license)
[Details/new features]
3.2.2
=====
New
- Support command line spider, scanner and report generation. This can be useful for scheduled scanning.
Eg java -jar paros.jar -newsession test.session -spider -seed http://www.some_domain.org -scan -last_report_scan report.htm
can create a new session called test, crawl the site, scan and then generate the report.
The user can view the session by running normal GUI mode as usual.
- Export selected history to file. Right-click on the History panel to export the HTTP messages to a text file.
- Http state can be enabled (only support state using cookie). This allow reuse of session for scanning. Also improve spider accuracy.
This function need to be enabled in the "Edit->enable state". Use it when you need to override the current session.
- Improved spider to handle Meta tags and also avoid early termination of spider threads if the last URL is crawled.
Fix
- NTLM proxy authentication support. Thanks to the user reporting this bug.
- Proxy skip setting unable to read configuration on first use.
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:24 EDT