Groundspeed is an open source firefox add-on that allows you to manipulate the interface of web applications to adapt it to the penetration test needs. Find more about groundspeed here:
What is Groundspeed?
April 3rd, 2010
Talking about Groundspeed on SANS webcast (April 19th 1PM ET)
On April 19 (1pm EDT / 18h00 GMT) I will be talking about some of the ideas behind Groundspeed on a SANS webcast titled “Manipulating Web Application Interfaces“.
For a long time we have used the same approach to perform input validation on web applications. We have seen some nice improvements at the client side proxy level (remember the old Achilles proxy? Now think about Burp), but the overall idea remained the same: place a client proxy between the browser and the web server, generate requests, intercept them and modify the HTTP parameters.
Why was manipulating the HTTP request such a successful idea that today we still assume it’s the natural way to test input validation? Has the context that forced that solution changed? Or in other words, are we still subject to the same limitations we were then? Those are some of the questions I want to discuss.
You can find more information including a link to register for it here.
February 15th, 2010
3,000 groundspeed downloads since November
Groundspeed just passed the 3,000 download mark this weekend. It’s an average of about 29 downloads a day since it came out last November! The single day with most downloads was Jan 27, with 343 downloads, or one download every 5 minutes.
Most of Groundspeed users seem to be in the United States (61%), the UK and Germany tie for the second with 7% followed by Spain (6%), France (5%) and Brazil (2%).
It’s surprising and nice to see so many people interested! If you have installed groundspeed and have comments, suggestions or bug reports, send me an email or leave a comment here!
January 24th, 2010
Release of Groundspeed 1.1
The new version of Groundspeed is up at addons.mozilla.com. Click on the “Install Now” button on the sidebar or click here to download it. This version is a minor update to fix some bugs in version 1.0.1 and add locale support. What’s new:
- Translated to Spanish, French, Portuguese and Russian
- Groundspeed now loads the form information from the page automatically when the sidebar opens, when the user changes tabs and when a new page is loaded in the current tab
- Fixed small bugs in the interface and the decoding/encoding functions
Click to download and install Groundspeed from the Mozilla Add-on site:
More information
Contact me
Follow me on Twitter
LinkedIn profileSocial Stuff
Bookmark on del.icio.us
Subscribe to the RSSGroundspeed Stuff
Categories
- Announcements (3)
- Documentation (7)
- Random Stuff (3)
- Releases (3)
About the Author
Felipe lives in New York City and works as an information security architect for a financial services company. Groundspeed and this website are part of a personal project and the opinions expressed here represent my own and not those of my employer.
Add to Google Reader
Post to diggGroundspeed is an open source tool available under a BSD license and is furnished "as is" and the author makes no warranties and assumes no responsibilities.
Everything written, all the screenshots and all the videos are available under a Creative Commons license