Research

We build genuine partnerships with our clients

• White Papers
  • Web Application Vulnerability Statistics 2010-2011
  • Assessing Cloud Node Security
  • Smartphones in the Enterprise
  • Clickjacking
• Tools
  • Clickjacking Tool
  • CAT
    • Why use CAT?
    • Key Components
    • Download
    • User Guide
      • Installation
      • Menu
      • Options
      • Log View
      • Repeater Panel
      • Proxy Panel
      • Fuzzer Panel
      • Log Panel
      • Auth Checker Panel
      • SSL Checker Panel
      • Notepad
      • Integrated Web Browser Panel
      • Addons
      • Additional Information
    • Addons
    • Mono
  • MBean Trojan
  • IIS7 Header Block
• Blog
  • Malware 2 - From Infection to Persistence
  • Server Technologies - HTTPS BEAST Attack
  • Malware - Dark Comet RAT
  • Server Technologies - Reverse Proxy Bypass
  • SAP Exploitation – Part 2
  • SAP Exploitation – Part 1
  • WebGL - More WebGL Security Flaws
  • WebGL - A New Dimension for Browser Exploitation
    • FAQ
  • Server Technologies - SSL2: Should it keep you awake at night?
  • SmartPhones - Can you Trust your USB Charger?
  • Malware 1 - From Exploit to Infection
  • Server Technologies - JBoss RMI Twiddling

The log panel contains a HTTP log which is used in various places throughout the application for storing a history of activity or results. The log panel provides a log for processing the data and repeating a sequence of requests.

By double clicking on any log item the item will be loaded into a new window with the usual view of the request, response etc. From the log panel this window can be used to edit the request for the purpose of replaying with different values. This is useful in complex SSO login processes or where a set work flow is used. If a parameter at the beginning of the sequence is not used until the end then this is the interface that can be used to test this case.

The 'Fix Cookie' allows for the requests to be repeated with a different cookie for authentication/authorisation checking.

The ‘Maintain Cookie’ will pick up new cookies if they are set during the sequence.

The ‘no. threads’ setting is used to control how many concurrent requests will occur at any one time. This is set to 1 by default so the requests will be performed in order, if increased to 5, 10 then the requests will be repeated simultaneously and quicker but not necessarily in order.

'Repeat' will request the log entries multiple times. This can be used to grab cookies or tokens that are different per-request and then use the find/extract option to remove them for further analysis.

'Delay' and ‘inc timer’ are used to put pauses in the sequence either fixed or by that value incrementing. E.g. if delay =60 and inc timer is on then the requests would have a delay between them of 1min then 2mins, 3mins, 4mins. This can be useful for determining the session timeout.

© Copyright 2012 Context Information Security.

Main Navigation

• Home /
• Our Company /
• Security Solutions /
• Research /
• Media /
• Contact Us