Full Disclosure mailing list archives
Re: DOMinator - The DOMXss Analyzer Tool - is finally public
From: IEhrepus <5up3rh3i () gmail com>
Date: Wed, 18 May 2011 20:34:20 -0700
hi DOMinator can't work on firefox 3.6.17? hitest 2011/5/18 Stefano Di Paola <wisec () wisec it>
What is DOMinator? DOMinator is a Firefox based software for analysis and identification of DOM Based Cross Site Scripting issues (DOMXss). It is the first runtime tool which can help security testers to identify DOMXss. How it works? It uses dynamic runtime tainting model on strings and can trace back taint propagation operations in order to understand if a DOMXss vulnerability is actually exploitable. ... If you're interested in it continue the reading here: http://blog.mindedsecurity.com/2011/05/dominator-project.html More whitepapers in the next days. Cheers Stefano -- ...oOOo...oOOo.... Stefano Di Paola Software & Security Engineer Owasp Italy R&D Director Web: www.wisec.it Twitter: http://twitter.com/WisecWisec .................. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- DOMinator - The DOMXss Analyzer Tool - is finally public Stefano Di Paola (May 18)
- Re: DOMinator - The DOMXss Analyzer Tool - is finally public IEhrepus (May 18)
- Re: DOMinator - The DOMXss Analyzer Tool - is finally public Stefano Di Paola (May 18)
- Re: DOMinator - The DOMXss Analyzer Tool - is finally public IEhrepus (May 18)