Security, Tools, Web Apps

Google gives away a free web application security scanner

Google announced the release of ratproxy, a passive web application security assessment tool that they’ve been using internally at Google. This utility, developed by their information security engineering team, is designed to transparently analyse legitimate, browser-driven interactions with a tested web property and automatically pinpoint, annotate, and prioritize potential flaws or areas of concern.

The proxy analyses problems such as cross-site script inclusion threats, insufficient cross-site request forgery defences, caching issues, cross-site scripting candidates, potentially unsafe cross-domain code inclusion schemes and information leakage scenarios, and much more.

Find out more

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s