Simon Willison’s Weblog

3rd July 2008 - Link Blog

ratproxy. “A semi-automated, largely passive web application security audit tool”—watches you browse and highlights potential XSS, CSRF and other vulnerabilities in your application. Created by Michal Zalewski at Google.

Posted 3rd July 2008 at 2:35 pm

Recent articles

Gemini 3.5 Flash: more expensive, but Google plan to use it for everything - 19th May 2026
The last six months in LLMs in five minutes - 19th May 2026
Notes on the xAI/Anthropic data center deal - 7th May 2026

This is a link post by Simon Willison, posted on 3rd July 2008.

csrf 54 google 409 michal-zalewski 3 proxies 19 ratproxy 1 security 604 testing 93 xss 60

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe