« More companies seek third-party Web app code review, survey finds | Main | Tool: XSS Rays »

Watcher: a free web-app security testing and compliance auditing tool

"Watcher is designed as a Fiddler plugin that passively monitors HTTP/S traffic for vulnerabilities. It gives pen-testers hot-spot detection for user-controlled inputs, open redirects, and other issues, and it gives auditors an easy way to find PCI compliance and other organizational issues. Here’s some of the issues Watcher has checks for now:

  • Cross-domain stylesheet and javascript references
  • User-controllable cross-domain references
  • User-controllable attribute values such as href, form action, etc.
  • Cross-domain form POSTs
  • Insecure cookies which don’t set the HTTPOnly or secure flags
  • Open redirects which can be abused by spammers and phishers
  • Insecure Flash object parameters useful for cross-site scripting
  • Insecure Flash crossdomain.xml
  • Insecure Silverlight clientaccesspolicy.xml
  • Charset declarations which could introduce vulnerability (non-UTF-8)
  • User-controllable charset declarations
  • Dangerous context-switching between HTTP and HTTPS
  • Insufficient use of cache-control headers when private data concerned (e.g. no-store)
  • Potential HTTP referer leaks of sensitive user-information
  • Information leaks in the URL (email address, sessionId, etc)
  • Source code comments worth a closer look
  • Insecure authentication protocols like Digest and Basic
  • SSL certificate validation errors
  • SSL insecure protocol issues (allowing SSL v2)
  • Weak authentication protocols
  • Unicode ill-formed byte streams"

Read more: http://www.lookout.net/2009/03/14/watcher-a-free-web-app-security-testing-and-compliance-auditing-tool/


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!

Post a comment

Remember personal info?