Google opens RatProxy security code

By

Google has released the source code for a security tool it uses internally, The RatProxy software analyses web pages for potential security risks.

Google opens RatProxy security code
Google has released the source code for a security tool it uses internally, the RatProxy software analyses web pages for potential security risks and reports them back to the site administrator.

Among the vulnerabilities RatProxy is able to test for are cross-site scripting flaws and incomplete cross-site defense mechanisms as well as potential data leak sources and risky code that retrieves data from outside domains.

The company hopes that developers will put the tool to use when coding new web-based services that rely on multiple sites and outside sources for data.

Google security engineer Michal Zalewski warned, however, that the tool should not be considered a substitute for a thorough analysis by a security professional.

"We feel it will be a valuable contribution to the information security community, helping advance the community's understanding of security challenges associated with contemporary web technologies," explained Zalewski.

"We believe that responsible security research brings a net overall benefit to the safety of the Web as a whole, and have released this tool explicitly to support that kind of research."

Users can download the tool from the Google Code site. The tool works on Windows, Linux, FreeBSD and MacOS X operating systems.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
googlesecuritytool

Sponsored Whitepapers

Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra

Events

Most Read Articles

NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul
CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'
Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls
WestJet probes cyber security incident

WestJet probes cyber security incident
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?