ratproxy(1) [debian man page]
RATPROXY(1) User Commands RATPROXY(1) NAME
ratproxy - a passive web application security assessment tool SYNOPSIS
ratproxy [-w logfile] [-v logdir] [-p port] [-d domain] [-P host:port] [-xtifkgmjscael2XCr] DESCRIPTION
Ratproxy is a semi-automated, largely passive web application security audit tool. It is meant to complement active crawlers and manual proxies more commonly used for this task, and is optimized specifically for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments. OPTIONS
-w logfile - write results to a specified file (default: stdout) -v logdir - write HTTP traces to a specified directory (default: none) -p port - listen on a custom TCP port (default: 8080) -d domain - analyze requests to specified domains only (default: all) -P host:port - use upstream proxy for all requests (format host:port) -r - accept remote connections (default: 127.0.0.1 only) -l - use response length, not checksum, for identity check -2 - perform two, not one, page identity check -e - perform pedantic caching headers checks -x - log all XSS candidates -t - log all directory traversal candidates -i - log all PNG files served inline -f - log all Flash applications for analysis (add -v to decompile) -s - log all POST requests for analysis -c - log all cookie setting URLs for analysis -g - perform XSRF token checks on all GET requests -j - report on risky Javascript constructions -m - log all active content referenced across domains -X - disruptively validate XSRF, XSS protections -C - try to auto-correct persistent side effects of -X -k - flag HTTP requests as bad (for HTTPS-only applications) -a - indiscriminately report all visited URLs EXAMPLES
Example settings suitable for most tests: 1) Low verbosity : -v <outdir> -w <outfile> -d <domain> -lfscm 2) High verbosity : -v <outdir> -w <outfile> -d <domain> -lextifscgjm 3) Active testing : -v <outdir> -w <outfile> -d <domain> -XClfscm Multiple -d options are allowed. Consult the documentation for more. AUTHOR
ratproxy is written and maintained by Michal Zalewski <lcamtuf@google.com> This manual page was generated via help2man by Iustin Pop <iusty@k1024.org> for the Debian project (but may be used by others). SEE ALSO
ratproxy-report(1) ratproxy 1.56-beta April 2009 RATPROXY(1)
Check Out this Related Man Page
DOMAINALIGN(1e) EMBOSS Manual for Debian DOMAINALIGN(1e) NAME
domainalign - Generate alignments (DAF file) for nodes in a DCF file. SYNOPSIS
domainalign -dcfinfile infile -pdbdir directory -node list -mode list -keepsinglets toggle -dafoutdir outdir -singletsoutdir outdir -superoutdir outdir -logfile outfile domainalign -help DESCRIPTION
domainalign is a command line program from EMBOSS ("the European Molecular Biology Open Software Suite"). It is part of the "Protein:3D Structure" command group(s). OPTIONS
Input section -dcfinfile infile This option specifies the name of DCF file (domain classification file) (input). A 'domain classification file' contains classification and other data for domains from SCOP or CATH, in DCF format (EMBL-like). The files are generated by using SCOPPARSE and CATHPARSE. Domain sequence information can be added to the file by using DOMAINSEQS. -pdbdir directory This option specifies the location of domain PDB files (input). A 'domain PDB file' contains coordinate data for a single domain from SCOP or CATH, in PDB format. The files are generated by using DOMAINER. Default value: ./ Required section -node list This option specifies the node for redundancy removal. Redundancy can be removed at any specified node in the SCOP or CATH hierarchies. For example by selecting 'Class' entries belonging to the same Class will be non-redundant. Default value: 1 -mode list This option specifies the alignment algorithm to use. Default value: 1 -keepsinglets toggle This option specifies whether to write sequences of singlet families to file. If you specify this option, the sequence for each singlet family are written to file (output). Default value: Y Output section -dafoutdir outdir This option specifies the location of DAF files (domain alignment files) (output). A 'domain alignment file' contains a sequence alignment of domains belonging to the same SCOP or CATH family. The files are in clustal format and are annotated with domain family classification information. The files generated by using SCOPALIGN will contain a structure-based sequence alignment of domains of known structure only. Such alignments can be extended with sequence relatives (of unknown structure) by using SEQALIGN. Default value: ./ -singletsoutdir outdir This option specifies the location of DHF files (domain hits files) for singlet sequences (output). The singlets are written out as a 'domain hits file' - which contains database hits (sequences) with domain classification information, in FASTA format. Default value: ./ -superoutdir outdir This option specifies the location of structural superimposition files (output). A file in PDB format of the structural superimposition is generated for each family if the STAMP algorithm is used. Default value: ./ -logfile outfile This option specifies the name of log file (output). The log file contains messages about any errors arising while domainalign ran. Default value: domainalign.log BUGS
Bugs can be reported to the Debian Bug Tracking system (http://bugs.debian.org/emboss), or directly to the EMBOSS developers (http://sourceforge.net/tracker/?group_id=93650&atid=605031). SEE ALSO
domainalign is fully documented via the tfm(1) system. AUTHOR
Debian Med Packaging Team <debian-med-packaging@lists.alioth.debian.org> Wrote the script used to autogenerate this manual page. COPYRIGHT
This manual page was autogenerated from an Ajax Control Definition of the EMBOSS package. It can be redistributed under the same terms as EMBOSS itself. DOMALIGN 0.1.0+20100721 08/11/2010 DOMAINALIGN(1e)