A Java based HTTP/HTTPS proxy for assessing web application vulnerability. It supports editing/viewing HTTP messages on-the-fly. Other featuers include spiders, client certificate, proxy-chaining, intelligent scanning for XSS and SQL injections etc.
It would be great if support of JDIC is dropped in favor of java 1.6+ awt. I am having trouble running Paros under jdk x64(there is no jdic.dll for x64 platform) and just don't want to install x32 specially for a single utility.
Paros was a great project, but unfortunately it hasnt been updated for many years. However there is an actively maintained fork of Paros - the OWASP Zed Attack Proxy (ZAP): https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project Its a community project and anyone is welcome to join. We've made significant enhancements and have a growing reputation. Note that ZAP is completely open source with no paid for 'Pro' version. If you'd like to contribute then please get in touch. Psiinon
very good project