.
Bitland.Net Security Notes            Comments? email jwilkins-at-bitland*net
More information on the author at Jonathan Wilkins's home page
RSS feed available at http://www.bitland.net/index.rss               Add to Google
Archives: 2007, 2006, 2005, 2004, 2003, 2002, 2001, 2000
A Positive Review for ProxMon  |  (2007/04/03 23:57)

Andre Gironda had some kind words for ProxMon, saying "Last month was web application security awareness month. Just as I predicted, probably some of the best tools for this year were released.
Jikto (Billy Hoffman, SPI Dynamics) being #1 and ProxMon (Jonathan Wilkins, iSEC Partners) being #2. Or maybe flip that ordering."

Thanks Andre!
+digg  |  +del.icio.us   |    [ProxMon ]   |   Permanent link
Official Release  |  (2007/04/03 23:55)

I've been on the road for a couple weeks now with unreliable net access but last Friday ProxMon was officially released at Black Hat EU.
+digg  |  +del.icio.us   |    [ProxMon ]   |   Permanent link
CanSecWest 2007  |  (2007/03/14 20:35)

ProxMon was accepted for CanSec this year, so I'll be speaking there as well. That's perfect because I've been missing Vancouver lately.
+digg  |  +del.icio.us   |    [ProxMon ]   |   Permanent link
ScarabMon has been renamed ProxMon  |  (2007/03/14 19:35)

When I started the project, it was just a couple of quick scripts that parsed the WebScarab log directory. Then I discovered that a couple of my co-workers had similar tools and I realized that there must be tons of auditors doing the same thing and so I started thinking about how best to generalize and simplify these scripts. Before long I was staying up until 4am every night hacking on the tool and finding ways to abstract everything.

I started looking at supporting other proxies a little while ago and have a couple cool demos for BlackHat planned.

The upshot is that the proxy interface is pretty well defined now and since I'm not just targeting WebScarab a rename made sense.

I've also decided on hosting. The tool will be up at Google Code because they have a nice wiki/bug tracker and support for subversion.

ProxMon's home @ Google Code

The one thing they don't have is a way to track downloads, so the distributions will be released off the iSEC tools page. It will be available the day I speak, which will be March 30th.

+digg  |  +del.icio.us   |    [ProxMon ]   |   Permanent link
RSS feed available at http://www.bitland.net/index.rss