Products
We constantly seek out and evaluate the best tools and technologies to identify and address security threats. When they don’t exist, we build them. The best news is: we also share them. Casaba offers the following security products for public use.
UCAPI
Confusable string detection API
Announcing Casaba’s latest development for enhancing the visual assurance of IDN’s and Unicode text in applications. Implemented as a cross-platform library developed in C and C++, UCAPI hinders visual spoofing attacks by recognizing the visually confusable characters and similar strings from a wide variation of languages being employed. Partially based on Unicode TR39, UCAPI can provide software vendors with safety options not currently available in Win32 or .NET libraries.
Featured Open Source Products
Watcher
Passive Web vulnerability scanner
A plugin for the free Fiddler HTTP proxy, Watcher passively audits a web application to find security bugs and compliance issues automatically. Safe for production use, Watcher acts as an assistant to the developer by quickly identifying issues that commonly lead to security problems in web apps.
x5s
Active cross-site scripting (XSS) testing
A plugin for the free Fiddler HTTP proxy, x5s actively injects tiny probes of ASCII and Unicode into every user-controlled input of a Web-application in order to elicit and identify character transformations and encoding issues that could lead to XSS vulnerability.
Freeware
Pathfuzz
Filename and folder name fuzzer
Put file systems or applications through brutal folder and file name read testing to identify what crumbles.
LineCount code review generatorCode review estimator
Useful for estimating time requirements for code review projects, LineCount scans source code to estimate the total number of lines while ignoring whitespace, comments, ending statements and other syntax.
Casaba claims no commitment to maintaining freeware and offers it without warranty.
If you have any questions, comments, or bug reports, please contact us: info@casaba.com.
