Google's Ratproxy Web Security Tool for Windows

In our previous post, we announced the new security tool - Google's ratproxy. It functions as a proxy, much like paros.
Shortinfosec has compiled ratproxy v1.51 on windows.

You can download compiled ratproxy-1.51.exe for Windows here

Verification sums:
ratproxy-1.51.exe SHA1SUM 42dbe6ffa00a3987f32b19a7c6e9ca84240db157
ratproxy-1.51.exe MD5SUM c41acfd5ab7874dfef3970ac52eb2a9b

In order to run it, you need to download and install cygwin runtime, since ratproxy is dependant on several cygwin libraries. Do not forget to update your path variable to include c:\cygwin\bin.

Quickstart
To run it, use the following steps

  1. create a report directory (report_outdir)
  2. type ratproxy -v report_outdir -w report_filename -lfscm
  3. reconfigure your browser to use proxy on address localhost:8080
  4. Start browsing, ratproxy will create reports.
Report parsing
Copy the report generator from this location, and create a file from the text. It's a bash script, so You should run it from a cygwin shell. Make sure that it's a UNIX formatted file (LF/CR), otherwise the shell will report errors.
http://code.google.com/p/ratproxy/source/browse/trunk/ratproxy-report.sh?r=9

It creates a HTML report from the raw report generated by ratproxy.

Related posts
Ratproxy - Google Web Security Assessment Tool

Talkback and comments are most welcome

4 comments:

Anonymous said...

Thanks for the efforts in providing a compiled version of this - please make sure the keyfile.pem (from source code) is included (or mentioned) as some people might not relised why HTTPS is not working!

Bozidar Spirovski said...

Thanks for the notice - this is under fixing today!

$omkar said...

ERP Solutions, Part II –Group Micro #2

Anonymous said...

They will need a good security tool for windows

Designed by Posicionamiento Web