OWASP WebScarab Technical Specifications

See Key Below

Technical Specification

Component Name Spider
Specification Author Mark Curphey
Developer / Component Owner Spider Team
Approved By  
Feature Name Full HTTP 1.0 and 1.1 Support Priority 1
Description
  • Should be able to handle GET, HEAD, OPTIONS and POST methods
  • Should be able to respond to all HTTP server reponse codes including 302 redirects
  • Should be able to deal with virtual hosts (HTTP 1.1)
  • Should capture all HTTP headers and entity bodies
  • Should be able to handle (and record) cookies
 
 
Feature Name SSL and TLS Support Priority 1
Description
  • Should be able to spider SSL sites
  • Parse SSL headers
  • Parse X.509 Certificates
 
 
Feature Name Parse HTML / XML Priority 1
Description
  • Identify and follow URL'S
  • Intelligently handle forms, specifically allowing user interaction via GUI

 

 
 
Feature Name Parse Cascading Style Sheets Priority 1
Description
  • Identify and follow URL'S

 

 

 
 
Feature Name Handle Forms Priority 1
Description
  • Should handle forms such as can follow simple checkbox and radio button choices
  • Forms based authentication (see below)

 

 

 
 
Feature Name Parse Cascading Style Sheets Priority 1
Description
  • Identify and follow URL'S

 

 

 
 
Feature Name Parse JavaScript Priority 1 Description     Feature Name Parse Flash Priority 3 Description     Feature Name Parse VBScript Priority 3 Description     Feature Name HTTP Basic Authentication Priority 1 Description     Feature Name HTTP Digest Authentication Priority 1 Description     Feature Name NTLM Authentication Priority 2 Description     Feature Name Forms Authentication Priority 1 Description     Feature Name Customizable HTTP User Agent Header Priority 1 Description     Feature Name Customized HTTP 404 Pages Priority 1 Description    

Index Guide

Priority Description 1 2 3
Description

A feature that is

  • considered absolutely neccesary for the tools first release
  • needed for core fucntionality
  • needed to support other components

A feature that is

  • considered desireable but not absolutely needed
  • not requireed by any other components

A feature that is

  • nice to have if possible
  • not required by any other components