Intro – "Paros" Proxy was written for people who need to evaluate the security of their web applications.Through Paros's proxy nature, all HTTP and HTTPS data between server and client, including cookies and form fields, can be intercepted and modified.
1. How to open
A. GUI Method
Application → Kali linux→ Web Applications → Web Application Proxies → Paros
(click image for large view)
B. Open Terminal type paros and hit enter
2. If you are running first time paros in kali then you will see this screen, simply click on ‘Accept.’
3. Your Paros will be open soon and it will be look like this
4. Here we have to check some important part of paros go to Tools and click on Option.
5. Here select ‘Local Proxy’ and check the Address and port. Than click on OK
6. If you want to intercept the HTTP(S) request than check the ‘Trap request’ and ‘Trap Response’ while scan we use continue for showing the continued request.
7. Now time to check the our browser proxy. So go to proxy setting according to your own browser like here I have Mozilla firefox so i go to Edit than click on Preferences
8. than go to ‘Network’Tab and click on ‘Settings’
9. Here it is little bit confusing but don’t worry just a small experiment will solve your problem. So, here we have two option I recommend you use first ‘Manual Proxy Configuration’ If it doesn’t work ( site will be not open) for you than simply select ‘Use System Proxy Setting’
10. After finishing proxy process now we are surfing a website on our Mozilla firefox.
11. Now see the result on Paros in Request tab we can see lots of information about the website which we can’t see just by surfing the website
12. Response Tab
13. Trap Tab
14. Here we are going to run spider on the website so go to Analyse and click on Spider
15. Click on startbutton for starting the spider and also you can stop it by clicking on stop. There you can see we have found URL.
(click image for large view)
No comments:
Post a Comment