Category:OWASP Proxy Log Analyser

Proxy Log Analyser

This is a project to develop software to analyse proxy logs from web proxy tools to be able to perform planning for manual and automated web application security testing. Web proxy logs could be generated from the performance of use cases by user acceptance testing personnel (i.e. create a separate log each user role and associated business logic). Analysis of the proxy logs could allow the following tasks to be performed: - identification of form fields to be tested - identification of parameters used that are common to different user roles or vary between user roles, which would enable establishment of parameter manipulation test cases - identification of XSS injection points (i.e. find output that is reflected to the user performing the use case or other users