Paros

A Java based HTTP/HTTPS proxy for assessing web application vulnerability. It supports editing/viewing HTTP messages on-the-fly. Other featuers include spiders, client certificate, proxy-chaining, intelligent scanning for XSS and SQL injections etc.

Project Activity

See All Activity >

License

Artistic License

Follow Paros

Paros Web Site

Other Useful Business Software

MongoDB Atlas runs apps anywhere

Deploy in 115+ regions with the modern database for every enterprise.

MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.

Start Free

Rate This Project

User Ratings

1.5 out of 5 stars

★★★★★

★★★★

★★★

★★

★

ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 1 / 5

support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

User Reviews

Filter Reviews:

All

offshoredriller Edited 2015-02-12

It would be great if support of JDIC is dropped in favor of java 1.6+ awt. I am having trouble running Paros under jdk x64(there is no jdic.dll for x64 platform) and just don't want to install x32 specially for a single utility.
psiinon Posted 2011-10-27

Paros was a great project, but unfortunately it hasnt been updated for many years. However there is an actively maintained fork of Paros - the OWASP Zed Attack Proxy (ZAP): https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project Its a community project and anyone is welcome to join. We've made significant enhancements and have a growing reputation. Note that ZAP is completely open source with no paid for 'Pro' version. If you'd like to contribute then please get in touch. Psiinon

Additional Project Details

Languages

English

Intended Audience

Information Technology

User Interface

Java Swing

Programming Language

Java

Database Environment

HSQL

Related Categories

Java Security Software

Registered

2003-06-27

Similar Business Software

InsightAppSec

Highest rated DAST solution by an independent research firm three years in a row. Automatically assess modern web apps and APIs with fewer false positives and missed vulnerabilities. Fast-track fixes with rich reporting and integrations, and inform compliance and development stakeholders....

See Software
Rafter

Rafter is a developer-friendly security scanning platform that lets you detect and address vulnerabilities in your GitHub repositories with a single click or command. It integrates seamlessly via a browser-based dashboard, CLI, or REST API to scan JavaScript, TypeScript, and Python code for a...

See Software
UltraWAF

Vercara UltraWAF is a cloud-based web application protection service that protects against threats that target the application layer. As a cloud-based WAF solution, UltraWAF protects your applications from data breaches, defacements, malicious bots, and other web application-layer attacks. By...

See Software
c/side

cside is the leading client-side intelligence platform. Protecting organizations from advanced client-side threats such as script injection, data skimming, and browser-based attacks, risks often overlooked by traditional security measures. Leveraging client-side intelligence to provide evidence...

See Software
MONITORAPP AIWAF

Web Application Firewall(WAF) AIWAF. Most security breaches happen on the web, to defend against web attacks, a dedicated web firewall system is required. AIWAF strongly defends various web attacks. Web security is no longer optional. It's essential. The web is vulnerable. Because the HTTP/HTTPS...

See Software
Vega

Vega can help you find and validate SQL Injection, cross-site scripting, inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows. Vega can help you find vulnerabilities such as: reflected cross-site...

See Software