Google RatProxy looks for cross-site flaws

Google released a free tool Tuesday that should help Web developers find and fix cross-site vulnerabilities.

The tool, RatProxy, is described by Google as "a semi-automated, largely passive Web application security audit tool, optimized for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex Web 2.0 environments."

The tool is versatile, detecting and ranking a broad class of vulnerabilities. Included are script injections, cross-site trust attacks, content-serving vulnerabilities, cross-site request forgeries (XSRF), and cross-site scripting (XSS).

RatProxy runs on Linux, FreeBSD, MacOS X, and Windows (Cygwin) environments.

Google RatProxy detects and prioritizes a variety of common cross-site vulnerabilities. (Credit: Google)

Like this article? Click below to send it to your mobile for free!

Talkback 0 comments


Latest Videos

Sponsored content

Power Centre - Content from our premier sponsors

Blogs

  • Renai LeMay Australian Govt funds IT start-ups
    This week Australia's Federal Government announced it had allocated $3.6 million in funding to 57 local research projects so that they could be commercialised, with many of them being web or IT-related start-ups.
  • Array Google should come clean on datacentres
    It's nice that Google says it has put an effort into making its datacentres more energy efficient, but the search giant's pledges won't mean much until it discloses just how many of the beasties it's actually running.
  • Array US shows what OPEL could have been
    Sprint's WiMAX roll-out in Baltimore will prove the Australian government's decision to worm its way out of the Opel WiMAX contract was a short-sighted, and ultimately damaging, political stunt that has benefited nobody.
  • More blogs »

Tags

  1. 6 articles are tagged with 2009
  2. 212 articles are tagged with acquisition
  3. 36 articles are tagged with android
  4. 272 articles are tagged with antivirus
  5. 1162 articles are tagged with apple
  6. 11 articles are tagged with bankwest
  7. 1174 articles are tagged with broadband
  8. 358 articles are tagged with browser
  9. 48 articles are tagged with cba
  10. 97 articles are tagged with chief information officer
  11. 532 articles are tagged with cio
  12. 374 articles are tagged with cisco
  13. 39 articles are tagged with cuts
  14. 146 articles are tagged with eds
  15. 345 articles are tagged with email
  16. 942 articles are tagged with google
  17. 850 articles are tagged with government
  18. 346 articles are tagged with hacker
  19. 184 articles are tagged with hewlett-packard
  20. 706 articles are tagged with hp
  21. 30 articles are tagged with htc
  22. 1224 articles are tagged with ibm
  23. 938 articles are tagged with intel
  24. 258 articles are tagged with iphone
  25. 31 articles are tagged with it services
  26. 645 articles are tagged with jobs
  27. 343 articles are tagged with laptop
  28. 1247 articles are tagged with microsoft
  29. 1022 articles are tagged with mobile
  30. 37 articles are tagged with nbn
  31. 703 articles are tagged with optus
  32. 675 articles are tagged with oracle
  33. 461 articles are tagged with outsourcing
  34. 59 articles are tagged with photos
  35. 25 articles are tagged with president
  36. 172 articles are tagged with review
  37. 5 articles are tagged with sarah palin
  38. 2560 articles are tagged with security
  39. 1221 articles are tagged with software
  40. 714 articles are tagged with storage
  41. 1932 articles are tagged with telstra
  42. 153 articles are tagged with uk
  43. 46 articles are tagged with unisys
  44. 215 articles are tagged with us
  45. 241 articles are tagged with virtualisation
  46. 411 articles are tagged with vista
  47. 115 articles are tagged with vmware
  48. 1405 articles are tagged with windows
  49. 21 articles are tagged with windows 7
  50. 931 articles are tagged with wireless

Back to top

Featured