Info

I really recommend that you use RequesterRaw, cos I am currently rewriting Requester and the current version of it has a couple of bugs. RequesterRaw does everything Requester does (plus a bit better), except cookie fuzzing.

Most web application testing is performed using a intermediate proxy, but I have used most and I find either they don't work due to issues with the browser you interact with or you get lost in the number of responses received by the proxy, so I wrote Requester (formerly known as AppTester). Requester allows the easy parsing, modification and sending of HTTP requests.

Features

• Configurable port
• HTTPS support
• Allows easy temporary storage of requests, for later submittion
• Stores received (& parsed) cookies
• Allows for resubmittion of cookies with requests
• Can fuzz parameters, headers and cookies
• User configurable fuzz strings
• Can correctly parse and resend multipart boundary requests
• Supports NTLM authentication
• Supports Basic authentication
• Supports Negotiate authentication
• Auto-Redirects according to header response (to a max number of redirects!)
• Automatic User-Agent configuration
• Allows for completely manual requests so every request *should* be able cope with any request
• Supports cookie injection into Internet Explorer
• Produces a perl diff from all fuzz responses, which allows easy identification of erronous errors

Requirements

 

• Windows 2000, Windows XP, Windows 2003 Server (Might work on others?)
• Microsoft .NET Framework v1.1

Screenshot