Websecurify

Regular updates about Websecurify free and premium website scanners, proxies, fuzzers and insight knowledge about SQL Injection, Cross-site Scripting and other vulnerabilities

BadAssProxy 0.5.0-alpha

BadAssProxy is an experimental proxy tool (released at the beginning of this year) available on all major platforms and, for a change, not based on Java or .NET. It is very portable and very unique because it doesn't buffer, it doesn't wait and in general it can proxy even heavy-duty applications with no problems whatsoever.

This weekend we want to say that we are almost ready with another version.

Screenshot 01

You can download the binaries from here (windows) and here (mac). The linux binaries will be available with the final version - unfortunately we haven't tested it well on this platform due to time constraints and other problems.

What's New

It is fair to say that we have changed almost everything except for the user interface which was re-touched and modified to work with the new architecture. We have based the entire proxy on google chrome mixed together with nodejs and a few other technologies. The resulting binary is about 30mb in size but it has everything that you need. Is it worth it? Well this technology combo opens the doors to very powerful ideas, which in our opinion will produce better security tools in the long run.

Although the proxy can intercept HTTP and HTTPS it cannot buffer and change the data in transit. The architecture can do that but we haven't exposed it yet via the user interface. This will appear around version 1.0. Another much-anticipated feature which was not implemented is the ability to store the proxy sessions and restore them. This was not done either because the proxy is still experimental.

Conclusion

So what can I use it for? At the moment the proxy is merely a proof of concept. We did it because we can. In our opinion the tools in the Suite are much more powerful and give greater control over the process and this is where we spend most of our mental powers. Proxies are a thing of the past but there is no harm to make one every once in a while given that it is not a technically challenging process.

Nevertheless, we will keep working on the tool and perhaps in the very near future we will have a complete product.

Comments Powered ByDisqus