NAMEratproxy - a passive web application security assessment tool
SYNOPSISratproxy [-w logfile] [-v logdir] [-p port] [-d domain] [-P host:port] [-xtifkgmjscael2XCr]
DESCRIPTIONRatproxy is a semi-automated, largely passive web application security audit tool. It is meant to complement active crawlers and manual proxies more commonly used for this task, and is optimized specifically for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments.
EXAMPLESExample settings suitable for most tests: 1) Low verbosity : -v <outdir> -w <outfile> -d <domain> -lfscm 2) High verbosity : -v <outdir> -w <outfile> -d <domain> -lextifscgjm 3) Active testing : -v <outdir> -w <outfile> -d <domain> -XClfscm Multiple -d options are allowed. Consult the documentation for more.
AUTHORratproxy is written and maintained by Michal Zalewski <firstname.lastname@example.org> This manual page was generated via help2man by Iustin Pop <email@example.com> for the Debian project (but may be used by others).
SEE ALSOratproxy-report(1) RATPROXY(1)