- Open Source Web Application Security Assessment Tool - Andiparos

Andiparos is a fork of the famous Paros Proxy. It is an open source web application security assessment tool that gives penetration testers the ability to spider websites, analyze content, intercept and modify requests, etc.

The advantage of Andiparos is mainly the support of Client Certificates on Smartcards. Moreover it has several small interface enhancements, making the life easier for penetration testers...

Features:
  * Smartcard support
  * History Filter (URLs)
  * Tag requests in history
  * other small enhancements...

Installation and Using  Andiparo:
Download Andiparos from here
Untar the package into some directory and start the application using command: javaw -jar andiparos.jar

This will start the andiparos on port 8080 (default), now you need to configure your browser to point to port 8080 and start browsing the application using the browser and all the activity (url) will get capture by andiparos, as you can see the image below.


After this you can scan through the requests using application option (Analyse > Scan all) and can generate the report for this scan using option (Report > last scan report)


source:http://linuxpoison.blogspot.com/2010/07/13578167754968.html