Research

We build genuine partnerships with our clients

• White Papers
  • Web Application Vulnerability Statistics 2010-2011
  • Assessing Cloud Node Security
  • Smartphones in the Enterprise
  • Clickjacking
• Tools
  • Clickjacking Tool
  • CAT
    • Why use CAT?
    • Key Components
    • Download
    • User Guide
      • Installation
      • Menu
      • Options
      • Log View
      • Repeater Panel
      • Proxy Panel
      • Fuzzer Panel
      • Log Panel
      • Auth Checker Panel
      • SSL Checker Panel
      • Notepad
      • Integrated Web Browser Panel
      • Addons
      • Additional Information
    • Addons
    • Mono
  • MBean Trojan
  • IIS7 Header Block
• Blog
  • Malware 2 - From Infection to Persistence
  • Server Technologies - HTTPS BEAST Attack
  • Malware - Dark Comet RAT
  • Server Technologies - Reverse Proxy Bypass
  • SAP Exploitation – Part 2
  • SAP Exploitation – Part 1
  • WebGL - More WebGL Security Flaws
  • WebGL - A New Dimension for Browser Exploitation
    • FAQ
  • Server Technologies - SSL2: Should it keep you awake at night?
  • SmartPhones - Can you Trust your USB Charger?
  • Malware 1 - From Exploit to Infection
  • Server Technologies - JBoss RMI Twiddling

The proxy is a standard inline proxy. The default port is 8085 and will increment from there for each proxy that is loaded. To use the proxy configure your browser to proxy through localhost on port 8085. If browsing requires a web proxy then this should be set in the file->options menu of CAT as the outbound proxy. Now every request will be sent through CAT. CAT by default will filter out ‘simple types’ of requests, namely images, style sheets etc. this can be changed using the ‘Include Simple Types’ checkbox. If only certain host should be captured or there are certain requests that are not wanted then the filter tab can be used to set these.

To intercept a request or response set the check box ‘intercept Request/Response’ on the next request the appropriate tab will be shown and CAT brought to the front. The same HTTP editing options will be shown as per the repeater.

Use the send or drop buttons to dispatch this request. If there are several requests stacked up then you can process these one by one or untick the ‘intercept request/response’ option and they will all be sent through.

The modify tab allows for changes to be made on the fly without the need to manually alter the request and responses. This includes regular expression alterations.

The log tab shows the history of what requests have been seen through the proxy. From here they can be copied into the other tabs e.g. into a repeater for further investigation or the fuzzer for testing. Here are the steps to move a request from the proxy to the repeater:

1. Select the request in the log
2. Select 'Copy HTTP Request'

   

3. Click on Repeater on the tool bar or Add Tab->Repeater, to create a new repeater tab.
4. Then right button on the top box for HTTP request editing.
5. Select ‘Paste HTTP Request’

Alternatively, if you wish to send the request to a new repeater or fuzzer you can use the “Load Request in...->Repeater” option.



6. Press the send button to repeat the request.

   

© Copyright 2012 Context Information Security.

Main Navigation

• Home /
• Our Company /
• Security Solutions /
• Research /
• Media /
• Contact Us