[Blackhat tool] WATOBO – THE WEB APPLICATION TOOLBOX – Penetration Testing

WATOBO is a security tool for testing web applications. It is intended to enable security professionals to perform efficient (semi-automated) web application security audits.

Most important features:

WATOBO has Session Management capabilities! You can define login scripts as well as logout signatures, so you don’t have to log in manually each time you get logged out.

WATOBO can act as a transparent proxy (requires nfqueue)

WATOBO can perform vulnerability checks out of the box

WATOBO can perform checks on functions which are protected by Anti-CSRF-/One-Time-Tokens

WATOBO supports Inline De-/Encoding, so you don’t have to copy strings to a transcoder and back again. Just do it inside the request/response window with a simple mouse click.

WATOBO has smart filter functions, so you can find and navigate to the most interesting parts of the application easily.

WATOBO is written in (FX)Ruby and enables you to easily define your own checks

WATOBO runs on Windows, Linux, MacOS … every OS supporting (FX)Ruby

WATOBO is free software (licensed under the GNU General Public License Version 2)

It’s by siberas

Installation

Installation on Windows
If you already have a running Ruby installation, you can install WATOBO via ‘gem’:
c:\> gem install watobo
This might take some time …

To start WATOBO, enter:
c:\> watobo_gui

Installation on Kali Linux

apt-get install watobo

For more information and a tutorial, please visit here.

The post [Blackhat tool] WATOBO – THE WEB APPLICATION TOOLBOX appeared first on Penetration Testing. http://ift.tt/2rwJtZS http://ift.tt/2aM8QhC
