Menu
I'm in the process of testing my application with respect to security.
Aside from Fiddler, Charles and Poster (Firefox plug in). Are there any other free to use https interception (and editing) applications out there? Especially ones which can be installed w/o admin privileges.
Achilles comes to mind, but I don't think it can handle https traffic.
285
Achilles does work on HTTPS traffic, but they note on their site that it is not the best tool any more.
Their suggestions are Burp Suite and WebScarab both of which I highly recommend.
135
OWASP ZAP - its free, open source and cross platform.
Its also the most active open source web security tool and came first and second in the last 2 'Top Security Tools' surveys run by Toolswatch.org (2013, 2014)
It was originally forked from Paros, which is no longer maintained, but it now has loads more functionality.
Its an OWASP Flagship project having replaced WebScarab, which is also essentially no longer maintained.
Simon (ZAP Project Lead)
32
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
