So what's so cool about Watcher? Well, the first thing to mention isn't necessarily a "cool" factor, but for those of you who only use Windows, you can be happy that Watcher is not another Linux-based tool you can't use. For the rest of us, we will either run it in a Windows VM or stick with our Linux and Mac tools.
On the serious side, what I really like about tools including Watcher and RatProxy is that you just browse the target Website and they do all the work in the background. You don't put in a URL and click Scan. You don't have to warn the admins that there might be a flurry of e-mails generated by forms on the site. All you do is fire up the tool and browse the Website, which is already one of the first steps of a web app pen-test. After doing the initial recon and getting familiar with the target, you can go back and review the logs for some of the low-hanging fruit.
Some of the things it checks for include SSL certificate and protocol issues, possible information leakage in URL parameters, open redirects, cross-domain POSTs, and much more. There is even experimental support for Microsoft SharePoint insecurities; SharePoint is a Web app that doesn't receive enough attention, in my opinion.
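To make the passive model concrete, here is an added example (my own sketch, not Watcher's or RatProxy's code) of the kind of analysis such a tool runs in the background: it never sends a request of its own, it just reads request/response pairs a proxy already captured and flags three of the issue classes named above: sensitive-looking parameter names in URLs, 3xx redirects whose destination host was supplied in a request parameter, and forms that POST cross-domain or from an HTTPS page to a cleartext HTTP target. The `Transaction` records, hostnames and parameter-name regex are all constructed for this illustration.

```python
"""Passive HTTP transaction checks in the spirit of Watcher and RatProxy.

Added example, not Watcher's own code: the analyzer never sends a request;
it reads request/response pairs that a proxy already captured and flags a
few of the issue classes a passive scanner looks for.  The sample capture
at the bottom is constructed for this example.
"""
import re
from dataclasses import dataclass, field
from urllib.parse import parse_qs, unquote, urljoin, urlsplit

# Parameter names that suggest a credential or session token is riding in the
# query string (and so ends up in server logs, Referer headers and history).
# A heuristic like this is exactly where false positives come from.
SENSITIVE_PARAM = re.compile(r"pass|pwd|secret|token|sess|api[_-]?key|auth", re.I)
FORM_TAG = re.compile(r"<form\b([^>]*)>", re.I)
ATTR = re.compile(r"(\w+)\s*=\s*[\"']([^\"']*)[\"']")


@dataclass
class Transaction:
    url: str                                     # full request URL as browsed
    status: int = 200                            # response status code
    response_headers: dict = field(default_factory=dict)
    body: str = ""                               # response body (HTML)


def host_of(url):
    """Lower-cased hostname of a URL, or '' for relative/odd values."""
    return (urlsplit(url).hostname or "").lower()


def check_url_param_leakage(tx):
    """Information leakage: sensitive-looking parameter names in the URL."""
    query = parse_qs(urlsplit(tx.url).query, keep_blank_values=True)
    return [f"sensitive parameter '{name}' in URL {tx.url}"
            for name in query if SENSITIVE_PARAM.search(name)]


def check_open_redirect(tx):
    """Open redirect: a 3xx whose off-host Location matches a URL given in a request parameter."""
    if not 300 <= tx.status < 400:
        return []
    dest = host_of(tx.response_headers.get("Location", ""))
    if not dest or dest == host_of(tx.url):
        return []
    query = parse_qs(urlsplit(tx.url).query)
    return [f"redirect to {dest} controlled by parameter '{name}' in {tx.url}"
            for name, values in query.items()
            if any(host_of(unquote(v)) == dest for v in values)]


def check_forms(tx):
    """Cross-domain POSTs, and HTTPS pages whose forms submit over cleartext HTTP."""
    findings = []
    page_scheme = urlsplit(tx.url).scheme
    for m in FORM_TAG.finditer(tx.body):
        attrs = {k.lower(): v for k, v in ATTR.findall(m.group(1))}
        if attrs.get("method", "get").lower() != "post":
            continue
        action = urlsplit(urljoin(tx.url, attrs.get("action", "")))
        if action.hostname and action.hostname.lower() != host_of(tx.url):
            findings.append(f"form on {tx.url} POSTs to {action.hostname}")
        if page_scheme == "https" and action.scheme == "http":
            findings.append(f"HTTPS page {tx.url} has a form POSTing over cleartext to {action.geturl()}")
    return findings


CHECKS = (check_url_param_leakage, check_open_redirect, check_forms)


def analyze(transactions):
    """Run every passive check over the captured transactions and return all findings."""
    return [f for tx in transactions for check in CHECKS for f in check(tx)]


# Constructed sample capture; hostnames and values are placeholders.
SAMPLE = [
    Transaction("https://shop.example/login?user=alice&password=hunter2"),
    Transaction("https://shop.example/out?next=http%3A%2F%2Felsewhere.example%2F", status=302,
                response_headers={"Location": "http://elsewhere.example/"}),
    Transaction("https://shop.example/checkout", body=(
        '<form method="POST" action="http://pay.example/submit">'
        '<input type="password" name="cvv"></form>')),
    Transaction("https://shop.example/search?q=shoes",
                body='<form method="get" action="/search"></form>'),
]

if __name__ == "__main__":
    for finding in analyze(SAMPLE):
        print(finding)
```

Run it as a script and the first three transactions produce four findings while the plain GET search page produces none. The design point is that every check is a function of data already on the wire, which is why this style of tool can sit behind normal browsing without generating extra requests, and also why its verdicts are hints to verify by hand rather than confirmed vulnerabilities.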
Word of caution: there will be false positives and false negatives. Every Web app vulnerability testing tool I've ever used has had them, which is why I rely on multiple tools and manual testing with just a browser and a man-in-the-middle proxy like Burp Proxy and TamperData.
Take Watcher for a spin and let me know what you think. Do you see it replacing any current tool you use or a supplement to your current toolset?
John H. Sawyer is a senior security engineer on the IT Security Team at the University of Florida. The views and opinions expressed in this blog are his own and do not represent the views and opinions of the UF IT Security Team or the University of Florida. When John's not fighting flaming, malware-infested machines or performing autopsies on blitzed boxes, he can usually be found hanging with his family, bouncing a baby on one knee and balancing a laptop on the other. Special to Dark Reading.