Results 1 to 5 of 5

Thread: Watobo

  1. #1
    Moderator fancy's Avatar
    Join Date
    Jan 2010
    Posts
    204

    Cool Watobo

    WATOBO is intended to enable security professionals to perform highly efficient (semi-automated) web application security audits. I am convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities.

    WATOBO has no attack capabilities and is provided for legal vulnerability audit purposes only. It works like a local proxy, similar to Webscarab, Paros or BurpSuite

    Additionally, WATOBO supports passive and active checks. Passive checks are more like filter functions. They are used to collect useful information, e.g. email or IP addresses. Passive checks will be performed during normal browsing activities. No additional requests are sent to the (web) application.

    Active checks instead will produce a high number of requests (depending on the check module) because they do the automatic part of vulnerability identification, e.g. during a scan.

    The functions of WATOBO:

    * Supports session management.
    * Detects logout and automatically takes a re-login.
    * Supports filter functions
    * Inline-Encoder/Decoder
    * Includes vulnerability scanner
    * Quick-scan for targeted scanning a URL
    * Full-scan to scan a whole session
    * Manual request editor with special functions
    * Session information is updated
    * Login can be done automatically
    * Transcoder
    * URL, Base64, MD5, SHA-1
    * Interceptor
    * Fuzzer
    * Free, Stable and Open source!
    * Script code easy to understand
    * Easy to extend / adapt
    * In real-world scenarios tested and developed
    * Speed / usability
    * Active and Passive checks
    * Runs under Windows, Linux, BackTrack, MacOS

    All these great features and functions make WATOBO one of the top free web assessment tools.

    Tutorial: http://www.corelan.be:8800/index.php...ficial-manual/

    Watobo needs the rubygems fxruby and hoe.

  2. #2
    Junior Member SWFu64's Avatar
    Join Date
    Jan 2010
    Posts
    97

    Default WATOBO - THE Web Application Toolbox

    I'm unsure how the work involved to get this in the repo due to the ruby gems and firefox extension which need to be installed. I've been using it for a bit now and it's great!

    SourceForge.net: watobo

    There's installation notes specifically for BT4 in the README file.
    Last edited by SWFu64; 11-01-2010 at 10:03 PM.
    "I do not know with what weapons World War III will be fought, but World War IV will be fought with sticks and stones."

    Albert Einstein

  3. #3
    Just burned his ISO
    Join Date
    Sep 2010
    Posts
    5

    Thumbs up Re: WATOBO - THE Web Application Toolbox



    very very nice

  4. #4
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: WATOBO - THE Web Application Toolbox

    I am working to get this into the repos. Look for it in a few days.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  5. #5
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: WATOBO - THE Web Application Toolbox

    This tool is on hold due to dependency conflicts. I will update once we get it resolved.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •