spikeproxy

Web application security testing proxy

SPIKE proXy is part of the SPIKE Application Testing Suite, It functions as an HTTP and HTTPS proxy, and allows the web developer or web application auditor low level access to the entire web application interface, while also providing a bevy of automated tools and techniques for discovering common problems. These automated tools include: - Automated SQL Injection Detection - Web Site Crawling (guaranteed not to crawl sites other than the one being tested) - Login form brute forcing - Automated overflow detection - Automated directory traversal detection In addition to automated analysis, SPIKE proXy allows the user to analyse the internals of the web application by viewing and changing all variables, cookies, headers, or other parts of the request and resubmit them. Also, a single installation can be shared by multiple users.