To help developers audit Web application security, Google has released an open source tool called ratproxy. It is a passive, non-disruptive tool designed for Web 2.0 and AJAX applications that produces an easy-to-read report of potential security problems.
Ratproxy is a local program designed to sit between your Web browser and the application you want to test. As you browse the application normally, it logs the requests your browser sends and the responses the application returns, and on request it can also generate its own modified transactions to see how the application responds to common attacks. The list of low-level checks it runs is extensive, and includes:
* potentially unsafe JSON-like responses
* bad caching headers on sensitive content
* suspicious cross-domain trust relationships
* queries with insufficient XSRF defenses
* suspected or confirmed XSS and data injection vectors
Many more tests are performed, all enumerated in the messages.list file included in the package.
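To make the passive side of this concrete, the following is an added example (not ratproxy's own code, which is written in C) showing how four of the checks listed above can be expressed as heuristics over logged request/response pairs. The Transaction record, the check functions and the sample traffic are all assumptions made for the illustration; the traffic is constructed and was not captured from any real site.

```python
import json
import re
from dataclasses import dataclass


@dataclass
class Transaction:
    """One logged request/response pair, as a proxy would record it."""
    method: str
    path: str
    req_headers: dict
    req_body: str
    status: int
    resp_headers: dict
    resp_body: str

    def header(self, side, name):
        """Case-insensitive header lookup on the request or response side."""
        hdrs = self.req_headers if side == "req" else self.resp_headers
        return next((v for k, v in hdrs.items() if k.lower() == name), "")


def is_authenticated(t):
    """Treat any request carrying credentials as touching sensitive content."""
    return bool(t.header("req", "cookie") or t.header("req", "authorization"))


TOKEN_RE = re.compile(r"(csrf|xsrf|token|nonce)", re.I)


def check_json_like(t):
    # A body that parses as JSON and is served to a credentialed GET could be
    # pulled in cross-site via <script src=...> on older browsers. A
    # non-parseable prefix such as ")]}'" or "while(1);" makes json.loads fail
    # here just as it breaks the JS parser, so prefixed bodies are not flagged.
    if t.method != "GET" or not is_authenticated(t):
        return []
    try:
        json.loads(t.resp_body)
    except ValueError:
        return []
    return ["potentially unsafe JSON-like response to authenticated GET"]


def check_caching(t):
    # Credentialed 200 responses should say Cache-Control: no-store or private;
    # otherwise a shared cache may hand them to another user.
    if t.status != 200 or not is_authenticated(t) or not t.resp_body:
        return []
    cc = t.header("resp", "cache-control").lower()
    if "no-store" in cc or "private" in cc:
        return []
    return ["bad caching headers on sensitive content"]


def check_cross_domain(t):
    findings = []
    if t.path.endswith("/crossdomain.xml") and re.search(
            r'allow-access-from[^>]*domain="\*"', t.resp_body):
        findings.append("crossdomain.xml grants Flash access to any origin")
    if t.header("resp", "access-control-allow-origin") == "*" and is_authenticated(t):
        findings.append("wildcard Access-Control-Allow-Origin on credentialed response")
    return findings


def check_xsrf(t):
    # A credentialed state-changing request with no token-looking parameter or
    # header can be forged by any page the victim happens to visit.
    if t.method not in ("POST", "PUT", "DELETE") or not is_authenticated(t):
        return []
    if TOKEN_RE.search(t.req_body) or any(TOKEN_RE.search(k) for k in t.req_headers):
        return []
    return ["query with insufficient XSRF defenses"]


CHECKS = (check_json_like, check_caching, check_cross_domain, check_xsrf)


def audit(transactions):
    """Run every passive check over every logged transaction; map 'METHOD path' to findings."""
    report = {}
    for t in transactions:
        found = [f for check in CHECKS for f in check(t)]
        if found:
            report[f"{t.method} {t.path}"] = found
    return report


# Constructed sample traffic for the illustration (not from any real site).
SESSION = {"Cookie": "SID=abc123"}
SAMPLE = [
    Transaction("GET", "/api/contacts", SESSION, "", 200,
                {"Content-Type": "application/json"},
                '[{"name": "alice", "email": "alice@example.test"}]'),
    Transaction("GET", "/api/contacts_safe", SESSION, "", 200,
                {"Content-Type": "application/json", "Cache-Control": "no-store"},
                ")]}'\n[{\"name\": \"alice\"}]"),
    Transaction("GET", "/crossdomain.xml", {}, "", 200,
                {"Content-Type": "text/x-cross-domain-policy"},
                '<cross-domain-policy><allow-access-from domain="*"/></cross-domain-policy>'),
    Transaction("POST", "/account/email", SESSION, "email=new@example.test", 302,
                {"Location": "/account", "Cache-Control": "no-store"}, ""),
    Transaction("POST", "/account/email_safe", SESSION,
                "email=new@example.test&csrf_token=d3adb33f", 302,
                {"Location": "/account", "Cache-Control": "no-store"}, ""),
]

if __name__ == "__main__":
    for where, findings in audit(SAMPLE).items():
        for f in findings:
            print(f"{where}: {f}")
```

Run against the sample, the unprefixed JSON endpoint is reported twice (hijackable body, no caching directive), the wildcard crossdomain.xml once, and the token-less POST once, while the two hardened variants produce nothing. Real ratproxy applies far more nuance (for example, it distinguishes by content type and by whether the request looks like a real form submission), but the shape is the same: every finding is derived from traffic the browser generated anyway.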
The ratproxy package consists of source code, documentation, and an optional component in the flare-dist directory used to analyze Adobe Flash content. A standard Makefile is included, but no configure script; as the link line below shows, you need OpenSSL's libcrypto and libssl (with their development headers) installed. To build the program, simply run make:
$ make
cc ratproxy.c -o ratproxy -Wall -O3 -Wno-pointer-sign -D_GNU_SOURCE http.c mime.c ssl.c -lcrypto -lssl
*** WARNING: flare-dist/flare bianry is not operational.
*** Please see flare-dist/README and update it for your OS.