Home > Penetration Testing > OWASP Ajax Crawling Tool (Good Companion Tool to Burpsuite)

OWASP Ajax Crawling Tool (Good Companion Tool to Burpsuite)

December 26, 2011 Leave a comment Go to comments

OWASP Ajax Crawling Tool is an awesome companion to the tool Burpsuite. It allows you to crawl ajax websites which is a feature missing from Burpsuite. Both are must have tools for penetration testing of modern Ajax websites.

The official website for ACT is https://www.owasp.org/index.php/OWASP_AJAX_Crawling_Tool

The current version of ACT 0.1a seems to have issues with crawling some Ajax websites due to some issues in the dependencies.

I have submitted the bugfixes to the website but it will take some time for the changes to be committed.

Below shows the screenshots of the results of the crawl before and after the patch.

Before the patch

After the patch
As shown in the below screenshot, extra 4 links were discovered after the patch.

I have also added the function of being able to specify the proxy server via command line mode.

Below is the temporary download link for the ACT if you can’t wait for the changes to be committed at the main site.

https://www.dropbox.com/s/gosq97z5vjlr09f/act-new.jar

About these ads
Categories: Penetration Testing

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: