In our previous post, we announced the new security tool - Google's ratproxy. It functions as a proxy, much like paros.
Shortinfosec has compiled ratproxy v1.51 on windows.
You can download compiled ratproxy-1.51.exe for Windows here
ratproxy-1.51.exe SHA1SUM 42dbe6ffa00a3987f32b19a7c6e9ca84240db157
ratproxy-1.51.exe MD5SUM c41acfd5ab7874dfef3970ac52eb2a9b
In order to run it, you need to download and install cygwin runtime, since ratproxy is dependant on several cygwin libraries. Do not forget to update your path variable to include c:\cygwin\bin.
To run it, use the following steps
- create a report directory (report_outdir)
- type ratproxy -v
report_outdir -w report_filename -lfscm
- reconfigure your browser to use proxy on address localhost:8080
- Start browsing, ratproxy will create reports.
Copy the report generator from this location, and create a file from the text. It's a bash script, so You should run it from a cygwin shell. Make sure that it's a UNIX formatted file (LF/CR), otherwise the shell will report errors.
It creates a HTML report from the raw report generated by ratproxy.
Ratproxy - Google Web Security Assessment Tool
Talkback and comments are most welcome