[prev in list] [next in list] [prev in thread] [next in thread]
List: webappsec
Subject: RE: [Full-disclosure] CAT Version 1 Released - Web App Testing Tool
From: Context IS - Disclosure <disclosure () contextis ! co ! uk>
Date: 2011-08-09 9:34:53
Message-ID: 9CE75E98979ABC448892B4284A51E252CD6855B8DE () kestrel ! london ! contextis ! co ! uk
[Download RAW message or body]
Under native Windows, CAT will only use IE to render the HTML. I can see your point \
as to why you might not want to use IE and I will look into adding in a Gecko \
rendering option for the next version.
Under Mono it uses the Mono provided WebBrowser control, which rendering engine is \
used depends on the operating system's configuration e.g. Gecko or WebKit. For more \
details see: http://www.mono-project.com/WebBrowser
The license can be see here:
http://www.contextis.co.uk/resources/tools/cat/download/Cat_EULA.txt
Cheers,
Mike
________________________________________
From: Valdis.Kletnieks@vt.edu [Valdis.Kletnieks@vt.edu]
Sent: 04 August 2011 15:35
To: Context IS - Disclosure
Cc: full-disclosure@lists.grok.org.uk; webappsec@securityfocus.com; \
websecurity@webappsec.org; owasp-all@lists.owasp.org
Subject: Re: [Full-disclosure] CAT Version 1 Released - Web App Testing Tool
On Thu, 04 Aug 2011 01:45:16 BST, Context IS - Disclosure said:
> CAT is a tool for manual web application penetration testing and includes t he \
> following features:
Sounds at least potentially interesting. A few questions:
> - CAT uses Internet Explorer's rendering engine for accurate HTML \
> representation
Is this optional/switchable? Might be nice to *not* use the actual IE render
engine if you're working on serving up a client-side exploit via XSS - that would
be shooting yourself in the foot then. ;)
> - MONO Support for Linux and OSX (Currently in Beta).
What render engine does it use for Linux/OSX? Or is this referring to using
MONO to talk from a Windows test box to a Linux/OSX target?
> - It is totally free!
What license?
This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic