Raul,
What version of W3AF are you testing?

You can find the new version of MITM Proxy in my branch:
svn checkout https://w3af.svn.sourceforge.net/svnroot/w3af/branches/taras w3af_taras



On Wed, 2009-11-04 at 23:33 +0100, Raul Siles wrote:
> Hi Taras,
> Sometimes you may decide not to trap the responses manually, for
> example, because you are simply collecting them for further inspection
> or analysis, and don't want to interact with each of them. A good
> example is when you are going to perform a hash or byte-by-byte
> comparison of different responses; you don't need to inspect them
> visually during the interception process. However, in that scenario
> you might still want to modify the requests. I definitely find it useful
> to have independent buttons/checks for both types of interactions
> (request & response). Most web interception proxies offer this option.
> 
> Sorry but I do not get your clean suggestion. When you go into the
> History tab, "id = 1" is the Search "term" and the only listed
> request/response is number 1 or none (I don't remember it right now).
> It would be very useful to have as the default option for the proxy
> the whole list of requests/responses, without any filter. Of course,
> you can always set the Search "term" to "id >= 1" and see all of them (I
> referred to the default option in my previous suggestion).
> 
> One additional minor suggestion. Having the Send and Next buttons on
> each side of the proxy Window limits its usability, as you need to move
> back and forth between the two buttons. It is good to exercise your
> mouse or trackpad ;)
> 
> Cheers,
> --
> Raul Siles
> www.raulsiles.com
> 
> 
> 
> On Wed, Nov 4, 2009 at 11:00 PM, Taras <ta...@securityaudit.ru> wrote:
> > Hi, Raul!
> >
> >> - Why is there no "Trap Responses" button? It might be useful to
> >> decide if we want to trap responses or not, in the same way we do with
> >> the requests.
> >
> > In what situations might it be useful?
> >
> >
> >> - I would provide an option in the "History" tab to be able to easily
> >> show all the requests/responses (by default), in addition to the
> >> search capabilities.
> >
> > You can push the "Clean" button, can't you? :)
> >
> >
> > --
> > Taras - OSCP, OSWP
> > ----
> > "Software is like sex: it's better when it's free." - Linus Torvalds
> >
> 


-- 
Taras - OSCP, OSWP
----
"Software is like sex: it's better when it's free." - Linus Torvalds

_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop