Security Testing using OWASP WebScarab
I will demonstrate how to use WebScarab to easily and transparently intercept web traffic.
This is one of the basic steps in web application hacking and analysis of web security.
Even casual hackers can use it to see what goes on behind the screen while you browse a particular website.
WebScarab is a framework for analysing web applications by operating as an intercepting proxy, allowing the user to review and modify HTTP requests created by the browser before they are sent to the server, and to review and modify responses returned from the server before they are received by the browser.
WebScarab is able to intercept both HTTP and HTTPS communication. This makes it one of the powerful tools when it comes to web application security.
What I wish to present
How to set up WebScarab and then use it to intercept & analyze web traffic.
I will take Firefox as the example here, but similar steps apply to other web browsers as well.
Intercepting Web Traffic
Penetration testing and vulnerability assessment