- Burp Suite is an integrated platform for performing security testing of web applications.
- CookieDigger helps identify weak cookie generation and insecure implementations of session management by web applications.
- It works by collecting and analyzing cookies issued by a web application for multiple users.
- The tool reports on the predictability and entropy of the cookie and whether critical information, such as user name and password, are included in the cookie values.
- WebScarab is a framework for analyzing applications that communicate using the HTTP and HTTPS protocols.
- It allows the attacker to review and modify requests created by the browser before they are sent to the server, and to review and modify responses returned from the server before they are received by the browser.