paulPIZZA.ORG

• Next message: van der Kooij, Hugo: "Re: [PEN-TEST] HTTP Secure Session State Management"
• Previous message: Drew Simonis: "Re: [PEN-TEST] Browser Automation"
• In reply to: Mark Curphey: "[PEN-TEST] Browser Automation"
• Reply: Paul Harrington: "Re: [PEN-TEST] Browser Automation"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> 1. Is to follow a web site transaction automagically from sign in to sign
> out, by specifying a number of interactions like usernames and passwords and
> form filed inputs etc. Now I know Elza does this and it is awesome (kudos to
> Philip Stoev (www.stoev.org) ) but I am lazy and my Perl is not great so the
> learning curve steep.

> Are there any other tools that can do this ?

I use curl for this. I've not played with Elsa so don't know how it compares.

> 2. Second I want to watch a set of cookies; i.e. all the cookies that are
> produced from the same bakers oven. I want to be able to watch what changes
> automagically during a transaction to look at hijacking and session
> management; i.e. compare a bakers oven over time.

curl allows you to dump and send cookies so this should be possible.

Take a look at http://curl.haxx.nu

Good Luck

Cheers

Paul

--
         Paul Harrington              ___________________________________
   Independent Internet Limited      /       Phone:  07779 622683
  Internet * Security * Unix * NT   /        Fax:    0870 2841627
___________________________________/       URL http://www.comms.net

• Next message: van der Kooij, Hugo: "Re: [PEN-TEST] HTTP Secure Session State Management"
• Previous message: Drew Simonis: "Re: [PEN-TEST] Browser Automation"
• In reply to: Mark Curphey: "[PEN-TEST] Browser Automation"
• Reply: Paul Harrington: "Re: [PEN-TEST] Browser Automation"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]