On Tue, Aug 9, 2011 at 2:34 AM, Context IS - Disclosure <[email protected]> wrote: > Under native Windows, CAT will only use IE to render the HTML. I can see > your point as to why you might not want to use IE and I will look into adding > in a Gecko rendering option for the next version.
I attempted to use both the Windows registry IsDefaultRenderer=1 entry and 'X-UA-Compatible: chrome=1' header in every response, but still could not change the rendering engine in CAT (latest version) from IE to ChromeFrame. However, CAT has a proxy. It does not, however, include the feature to "show response in browser" as does Burp -- which would allow you to switch between browsers to see if the XSS works in one versus another. Cheers, Andre _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
