A Java-based Web proxy for evaluating Web application vulnerabilities. It supports editing/viewing of HTTP/HTTPS messages at run time to change items such as cookies and form fields. It includes a network traffic recorder, a network spider, a hash calculator, and a scanner for testing common Web application attacks such as SQL injection and cross-site scripting.
Fiddler is a Web debugging agent that records all HTTP (S) traffic between the computer and the Internet. Fiddler allows you to check all HTTP (S) traffic, set breakpoints and "fiddle" input or output data. Fiddler includes a powerful event-based scripting subsystem that can be used by any. NET language to extend.
SSLstrip is an SSL peel agent designed to make an unencrypted HTTP session look like an HTTPS session. It converts the HTTPS link to HTTP or uses a known private key to convert to HTTPS. It even provides a padlock icon for the illusion of a secure channel. Many HTTPS sites can usually be accessed through redirects on the HTTP page, and many users do not notice that their connection is not upgraded.
Ratproxy
Web proxies (Web Proxy 4)