This is where TamperIE may come in handy. TamperIE is a browser Helper object(IE) that runs strictly on Microsoft's Internet Explorer and provides a way to test the security of web services. Bayden Systems, the creator of Tamper IE, claims that the software provides "lightweight tampering of http requests" throughout the Internet Explorer genre, starting with IE5. TamperIE is so obtrusive Bayden System's has a big red warning on their website that states "This tool makes it simple to do very bad things to poorly-written code. Malicious use of this tool against third-parties is a violation of federal, state, and local laws. Be smart."
In Depth, TamperIE allows a user to ensure that data sent by the client browser is not overlooked, which means a user employing this tool can change otherwise obscure data before it is sent back to the the server. In this example http://www.bayden.com/TamperIE/Tutorial.mht, TamperIE shows a major security flaw by allowing a user to change the price of a Tablet PC from $1995.00 to only $10.00!!!.
Keep in mind that TamperIE is effective even if a company uses SSL, this is because the data is manipulated before it is placed on the wire.
I must place my own warning in this post by saying that my intention is not to show anyone how to manipulate data before it is sent back to the server. My intention is to open the eyes of coders to the security aspect of coding ,and to provide them with information to help make their applications more secure.
