After Shortinfosec compiled the Ratproxy tool for Windows, we got e-mails with complaints that the it is still unclear how to use this tool. Therefore, Shortinfosec is following up with a tutorial on using Ratproxy.
NOTE: Shortinfosec will present a demo analysis and report, but will not delve into actual compromise of the concluded vulnerabilities
A hacker that attacks a web site will analyze the entire structure of the site, and use his experience and external tools to identify the points where he will be able to compromise the site. Ratproxy is emulating this operation by functioning as a web proxy for the users browsing. This way, ratproxy is able to intercept and analyze the entire communication and content of the analyzed site.
The difference between a hacker and ratproxy is that ratproxy will identify potential vulnrabilities but will not compromise, just report them.
Ratproxy program with or without potentially disruptive tests. The difference is in the X (disruptive) or x (non-disruptive) switch. Here is a command activating ratproxy with disruptive functionality:
ratproxy -v ratproxy -w report.log -d domain.com -leXtifscg
After that, the folder in which ratproxy is run from will contain a file called report.log. To make it human-readable, you should run it through a parser, downloadable from
You should run it from a cygwin shell. Make sure that it's a UNIX formatted file (LF/CR), otherwise the shell will report errors.
The parser should be run with the following command
$ ~/ratproxy-report.sh report.log > report.html
When the ratproxy.log file is parsed, it will create a html file. Below is a screenshot of the report
The report will organize concluded information by type of possible error encountered and then by criticality of specific issue which is identified.
Shortinfosec has created a sample report from scanning a localhost Apache 2.0 server with a CMS Made Simple site. You can download the sample report here.
Obviously, there are other products which perform the same function like WebScarab, Paros, Burp, and ProxMon, so what is the benefit of ratproxy?
According to ratproxy doc,
Ratproxy - Google Web Security Assessment Tool
Google's Ratproxy Web Security Tool for Windows
Talkback and comments are most welcome