Simon Willison’s Weblog

3rd July 2008 - Link Blog

ratproxy. “A semi-automated, largely passive web application security audit tool”—watches you browse and highlights potential XSS, CSRF and other vulnerabilities in your application. Created by Michal Zalewski at Google.

Posted 3rd July 2008 at 2:35 pm

Recent articles

Writing about Agentic Engineering Patterns - 23rd February 2026
Adding TILs, releases, museums, tools and research to my blog - 20th February 2026
Two new Showboat tools: Chartroom and datasette-showboat - 17th February 2026

This is a link post by Simon Willison, posted on 3rd July 2008.

csrf 53 google 397 michal-zalewski 3 proxies 19 ratproxy 1 security 575 testing 90 xss 60

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe