What makes Burp stand out? Every time I need something like that I end up downloading 17 free and pay/trial tools, mucking about till one works, mumbling 'God, I'd pay not to have to do that again' and forgetting about it, till next time.
Burp is basically the industry standard. It's the tool most widely used by professionals on web pentests. I could do a detailed comparison, but it'd be 3-4 years dated; I used a lot of tools back in '06, but haven't looked back since then.
The thing that sets Burp apart from (say) Tamper Data in Firefox is the fuzzer (Burp calls it the "intruder"). The free OWASP WebScarab also has a fuzzer, but it's not as good.
I was a little apprehensive of the last release being 7/30/09, and no mention of 10.6, but it looks like it's still under development somewhat - The svn.ridiculousfish.com/HexFiend2/experimental/ branch was last modified two days ago.
Is an Intel-only version and an update of the website in the plans somewhere?
We're an all-Mac shop, and HexFiend is the best hex editor on the platform (0xED is more featureful, though... but "lots of features" isn't what I want out of a hex editor).
Interesting. Is there any particular reason why you went all mac? We run a mix of everything for infrastructure, but it's pretty much 7 on the laptops, VMs for testing from.
I also want to know what the two other apps are :)
We've done all sorts of strange things to it over the years; 'yan is planning on embedding it wholesale into one of our projects, so that may be the direction we're going with it.
I hope they did; We tried this app, but ended up having to roll our own because of missing features. Of course, we were using it for hex display, not hex editing, so what we came up with was mostly better visualization of binary wire data (specifically, more custom data types than int and float)..
