Do you have a question? Post it now! No Registration Necessary.  Now with pictures!


I have used the Achilles proxy server security tool and found it is
very effective in modifying the HTTP requests and repsonses between the
client and server on the fly thus acting as a middle-man-attacker. I
have tested it on a test machine and configured my I.E. to use the port
the proxy server (Achilles) listens to. I found that my webapp is
susceptible to this kind of an attack, but my question is how can this
be exploited on an external network since I.E. will require manual
config for use of such a proxy server. Is there some other tool
available, something like a [sniffer+request modifier], which can be
deployed on any network or remotely and needs no manual config of the
browser? Somehting which the end user will be completely unaware of if


Site Timeline