We’ve raised $2,696 for Hackers for Charity so far!

An auditing tool for Wi-Fi or wired Ethernet connections

What’s New in 1.07?

  • Bugfix for inability to replay sessions into latest version of Firefox.

What’s New in 1.06?

  • Bugfix for infinite request loop when using session detection, causing 100% CPU and significant traffic to URL.

What’s New in 1.05?

  • Bugfix for tshark error stream handling in Wireshark 1.10 and up.

What’s New in 1.0?

  • Support for multiple running copies on a single shared MySQL database.
  • ‘Headless’ operation on systems without a graphical interface.
  • Ability to modify request headers before replaying into browser.
  • Real-time filtering to quickly narrow in on important information.
  • Support for running on top of the Raspberry Pi.
  • Significant performance increases and many bug fixes.
  • Session detection now supports Drupal, Facebook, GetSimple CMS, Go Daddy, Joomla!, MediaWiki, OkCupid, phpBB 3.X, Reddit, Twitter, Wikipedia, WordPress

Web app developers:
It’s 2013. Why aren’t you defaulting to SSL/TLS?

Many sites that exchange personal or private information are still using HTTP instead of wrapping the request into SSL/TLS.  In 2010, Firesheep came on the scene and forced many popular web applications, such as Facebook and Twitter, to offer a “Force Secure Browsing” option.  However this isn’t enough – web applications must take responsibility for their users’ security.  It’s time to default all users to SSL/TLS.

What is Cookie Cadger?

Cookie Cadger’s Session Detection Features

Cookie Cadger helps identify information leakage from applications that utilize insecure HTTP GET requests.

Web providers have started stepping up to the plate since Firesheep was released in 2010. Today, most major websites can provide SSL/TLS during all transactions, preventing cookie data from leaking over wired Ethernet or insecure Wi-Fi. But the fact remains that Firesheep was more of a toy than a tool. Cookie Cadger is the first open-source pen-testing tool ever made for intercepting and replaying specific insecure HTTP GET requests into a browser.

Cookie Cadger’s Request Enumeration Abilities

Cookie Cadger is a graphical utility which harnesses the power of the Wireshark suite and Java to provide a fully cross-platform, entirely open-source utility which can monitor wired Ethernet, insecure Wi-Fi, or load a packet capture file for offline analysis.

Privacy Policy