A Java based HTTP/HTTPS proxy for assessing web application vulnerability. It supports editing/viewing HTTP messages on-the-fly. Other featuers include spiders, client certificate, proxy-chaining, intelligent scanning for XSS and SQL injections etc.
It would be great if support of JDIC is dropped in favor of java 1.6+ awt. I am having trouble running Paros under jdk x64(there is no jdic.dll for x64 platform) and just don't want to install x32 specially for a single utility.