WATOBO v0.9.9 Released
WATOBO is intended to enable security professionals to perform highly efficient (semi-automated ) web application security audits. We are convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities.
- WATOBO has Session Management capabilities! You can define login scripts as well as logout signatures. So you don’t have to login manually each time you get logged out.
- WATOBO can perform vulnerability checks out of the box.
- WATOBO supports Inline De-/Encoding, so you don’t have to copy strings to a transcoder and back again. Just do it inside the request/response window with a simple mouse click.
- WATOBO has smart filter functions, so you can find and navigate to the most interesting parts of the application easily.
- WATOBO is written in (FX)Ruby and enables you to easiely define your own checks
- WATOBO is free software ( licensed under the GNU General Public License Version 2)
- Time-based SQL injection module
- New XSS module which gives a more accurate exploitability result
- ConversationTable: values in coloumn Parameters are url-decoded
- Added a WebCrawler Plugin based on Mechanize
- Manual Request Editor: Url is displayed in the window title
- Menubar items are disabled if no project is defined
- CA Directory is now created in WATOBO working directory ‘.watobo’
- Fixed Crash on opening client-certificate dialog
- ConversationTable: GET and POST parameters are shown in the parameters coloumn
- TreeView-Pane: Show full conversation list when Findings tab is selected
- Fixed a bug in parsing post parameters
- Also some minor bugs