Google’s Free Web Security Assessment Tool
Yesterday, Google released their open-source passive web application security assessment tool called ratproxy. This utility, developed by our information security engineering team, is designed to transparently analyze legitimate, browser-driven interactions with a tested web property and automatically pinpoint, annotate, and prioritize potential flaws or areas of concern. The proxy analyzes problems such as cross-site script [...]