Software:WebScarab
| Developer(s) | The Open Web Application Security Project |
|---|---|
| Repository | github |
| Written in | Java |
| Successor | Zed Attack Proxy |
| Type | Web security testing tool |
| License | GPLv2 |
| Website | WebScarab |
WebScarab is a web application security testing tool. It acts as a proxy that intercepts web browser requests (both HTTP and HTTPS) and web server replies and lets the user alter them. WebScarab can also record traffic for later review.[1]
In 2013 official development of WebScarab slowed. The project repository was archived on 4 April 2024.[2] The website of the project was also archived and recommends using OWASP's Zed Attack Proxy instead.[3]
Overview
WebScarab is an open source tool developed by The Open Web Application Security Project (OWASP), and was implemented in Java so it could run across multiple operating systems.[4]
WebScarab is meant to act as a framework: it is extensible, and most of its features are implemented as plugins.[3]
Features
Some of the features provided by plugins include:[3]
- An intercepting proxy server
- Executing Java commands with BeanShell
- Emulating a slower network
- Acting as a web crawler
- Fuzzing request parameters
- Cross-site scripting analysis
References
- Hope, Brian; Walther, Ben (2009). Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast. Internet Archive. Sebastopol, CA: O'Reilly. ISBN 978-0-596-51483-9. http://archive.org/details/websecuritytesti00hope.
- "OWASP-WebScarab GitHub repository". GitHub. https://github.com/OWASP/OWASP-WebScarab. Retrieved 23 May 2025.
- "OWASP-WebScarab website". OWASP. http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project. Retrieved 23 May 2025.
- "Website Design for Crafting a Captivating Online Presence". https://arkansas.dev/search-management/website-design/.
