Ratproxy: Open Source Site Security by Google

Google has a new tool to help you find problems within your web site.

Engineers have just announced the open source release of Ratproxy, a security assessment utility that’s thus far only been used within Google’s own offices. The software is built to “transparently analyze legitimate, browser-driven interactions with a tested web property and automatically pinpoint, annotate, and prioritize potential flaws or areas of concern.” Those flaws could include anything from cross-site scripting issues to problems with caching.

Google says the program has several benefits over existing active crawl technologies: fewer site disruptions, lower overhead, and broader coverage of Web 2.0 client-driven application states, among others.

Ratproxy supports Linux, FreeBSD, MacOS X, and Windows environments.