WATOBO - THE Web Application Toolbox

WATOBO is a security tool for web applications. It is intended to enable security professionals to perform efficient (semi-automated) web application security audits.

Most important features:

• WATOBO has Session Management capabilities! You can define login scripts as well as logout signatures. So you don’t have to login manually each time you get logged out.
• WATOB can act as a transparent proxy (requires nfqueue)
• WATOBO can perform vulnerability checks out of the box
• WATOBO can perform checks on functions which are protected by Anti-CSRF-/One-Time-Tokens
• WATOBO supports Inline De-/Encoding, so you don’t have to copy strings to a transcoder and back again. Just do it inside the request/response window with a simple mouse click.
• WATOBO has smart filter functions, so you can find and navigate to the most interesting parts of the application easily.
• WATOBO is written in (FX)Ruby and enables you to easily define your own checks
• WATOBO runs on Windows, Linux, MacOS ... every OS supporting (FX)Ruby
• WATOBO is free software ( licensed under the GNU General Public License Version 2)
• It’s by siberas ;)

Documentation

Check out the online documentation and video tutorials at http://watobo.sourceforge.net

Tips & Tricks

• On Linux you should use RVM to install Ruby (http://beginrescueend.com/rvm/install/)
• Use FoxyProxy or SwitchProxy to easily change your proxy settings