It passively analyzes traffic logged by various MITM proxies (such as WebScarab and Burp) as well as other sources (like Firefox's LiveHTTPHeader plugin) and helps to identify various kinds of possible vulnerabilities (such as XSS, CRLF injection, an insecure session management and several kinds of information disclosure). Skavenger's modular design allows the integration of custom scanning modules without any knowledge about the tool at all.
Skavenger is completely written in Perl and can be downloaded from: https://sourceforge.net/projects/skavenger/
Dave Wichers, Aspect Security
Gary McGraw, Cigital
This category contains only the following page.