Exodus - a web application review tool
[Posted June 23, 2003 by cook]
| From: | "Dawes, Rogan (ZA - Johannesburg)" <rdawes@deloitte.co.za> |
| To: | "'lwn@lwn.net'" <lwn@lwn.net> |
| Subject: | Exodus - a web application review tool |
| Date: | Thu, 19 Jun 2003 14:47:30 +0200 |
Hi,

I'm just trying to publicise a tool that I have written, called Exodus.

Exodus acts as a web proxy, and can observe and display HTTP and HTTPS
conversations, as well as extracting links from observed HTML responses, and
HTML comments, scripts and forms. Exodus also offers functionality to fetch
unseen links, submit requests manually, sample cookies, and submit "bad
input" to URLs, in the hope that something will break.

Exodus is designed for use by security practitioners, or those curious about
what actually happens when you click a link, or submit a form. It can also
provide web developers with insight into how their application is actually
working, which may not be obvious when higher-level APIs are used.

Exodus is intended to compete eventually with commercial offerings from the
likes of Sanctum, Inc. and SPI Dynamics, but it already provides a powerful
view into the workings of web applications.

Exodus is written in Java, and requires version 1.4 or greater of the JRE to
function. It is released under the GPL.

Exodus can be downloaded from
http://mysite.mweb.co.za/residents/rdawes/exodus.html

Rogan
--
"Using encryption on the Internet is the equivalent of arranging an
armored car to deliver credit card information from someone living
in a cardboard box to someone living on a park bench."
- Gene Spafford
--
Deloitte & Touche Security Services Group
Tel: +27(11)806-6216 Fax: +27(11)806-5202 Cell: +27(82)784-9498