CAT - Web Application Security Testing Tool

Posted by Deepanker Verma, Thursday, December 27, 2012

Web application security tools are of great importance now. We all know that hackers are constantly trying to hack websites, so we cannot take any risks. To make web application penetration testing easier, there is a nice tool available. It is called CAT.

CAT gives us an easy way to start penetration testing a website, which is otherwise a complex task. It removes the repetitive elements of testing and makes everything faster.


Key Components

CAT offers features that enable a wide variety of testing methods to be conducted:

  1. Request Repeater – Used for repeating a single request
  2. Proxy – Classic Inline proxy
  3. Fuzzer – Allows a batch of tests to be sent to a server for brute forcing, parameter fuzzing, forced browsing, etc.
  4. Log – View a list of requests to sort, search, repeat, etc. Allows a sequence of requests to be repeated and modified.
  5. Authentication Checker – Two synchronised proxies which can be used to check authentication and authorisation controls.
  6. SSL Checker – Request a specific page with various SSL ciphers and versions.
  7. Notepad – A text/RTF editor which can be used as a scratch pad for conversions etc.
  8. Web Browser – An integrated web browser, based on Internet Explorer's rendering engine, with the proxy pre-configured.
  9. Addons – Freely accessible API/SDK to extend CAT with additional functionality.



These are the main reasons to use this tool:

  1. CAT uses Internet Explorer’s rendering engine for accurate HTML representation
  2. It supports many different types of text conversions including: URL, Base64, Hex, Unicode, HTML/XML, SQL and JavaScript no quotes
  3. It offers integrated SQL Injection and XSS Detection
  4. Synchronised Proxies for Authentication and Authorisation checking
  5. Tabbed Interface allows for multiple tools at once e.g. multiple repeaters & different logs
  6. Faster performance due to HTTP connection caching
  7. Greater flexibility for importing/exporting logs and saving projects
  8. SSL Version and Cipher checker using OpenSSL
  9. The ability to repeat and modify a sequence of requests (particularly useful in SSO testing)
  10. It’s free!
