Research

We build genuine partnerships with our clients

• White Papers
  • Crouching Tiger, Hidden Dragon, Stolen Data
  • Web Application Vulnerability Statistics 2010-2011
  • Assessing Cloud Node Security
  • Smartphones in the Enterprise
  • Clickjacking
• Tools
  • Canape
    • Download
    • Sample Projects
  • Clickjacking Tool
  • CAT
    • Why use CAT?
    • Key Components
    • Download
    • User Guide
      • Installation
      • Menu
      • Options
      • Log View
      • Repeater Panel
      • Proxy Panel
      • Fuzzer Panel
      • Log Panel
      • Auth Checker Panel
      • SSL Checker Panel
      • Notepad
      • Integrated Web Browser Panel
      • Addons
      • Additional Information
    • Addons
    • Mono
  • MBean Trojan
  • IIS7 Header Block
• Blog
  • Cloud - Dirty Disks Raise New Questions About Cloud Security
  • App - Framesniffing against SharePoint and LinkedIn
  • Malware 2 - From Infection to Persistence
  • Server Technologies - HTTPS BEAST Attack
  • Malware - Dark Comet RAT
  • Server Technologies - Reverse Proxy Bypass
  • SAP Exploitation – Part 2
  • SAP Exploitation – Part 1
  • WebGL - More WebGL Security Flaws
  • WebGL - A New Dimension for Browser Exploitation
    • FAQ
  • Server Technologies - SSL2: Should it keep you awake at night?
  • SmartPhones - Can you Trust your USB Charger?
  • Malware 1 - From Exploit to Infection
  • Server Technologies - JBoss RMI Twiddling

From the file menu the options for the application can be selected. These options apply to all tabs (where appropriate).

If an outbound proxy is set then all HTTP requests will be sent through that proxy. ‘Use Outbound Proxy Filter’ can be used to specify that requests for certain hosts should be sent via a different proxy. Proxy authentication can be configured if an upstream proxy requires it.

A master log can be set which will record every request/response sent from the project, including repeater, proxy, fuzzer etc. to a single log file. This file can become very large if a large amount of fuzzing is performed. This is generally used to keep a record of all activity during an engagement. The file can be reloaded into a log panel at anytime.

If the application uses mutual SSL then the certificate can be configured in this window. This certificate will then be used for all HTTPS client connections.

The NTLM credentials are used when an application is encountered which requests NTLM HTTP auth. These credentials will be used to perform the authentication handshake. This is common across all components of CAT including Add-On modules.

© Copyright 2012 Context Information Security.

Main Navigation

• Home /
• Our Company /
• Security Solutions /
• Research /
• Media /
• Contact Us