Re: Help to Automate XSS and SQL

[Jerome Athias <jerome.athias () free fr>]

http://w3af.sourceforge.net/

Enjoy & Hacky new year!

/JA

Vin Oxious a écrit :
> Hello Friends,
>
>                Greetings of the day !! .. Recently I had carried out
> manual test with XSS and SQL. I have tried quite a lot of the
> variants.. but later on it was detected that it has XSS and SQL
> vulnerability.
>
> Since there are so many variants of XSS and SQL and cannot be tried of
> all those in a limited time span. What should I do to make sure that
> the site doesn't have XSS and SQL.
>
> Should I try with every SQL and XSS string. and use a automated brute
> force attack .. If yes .. can anyone suggest me some good tools that I
> can run from windows or browser ( similar to tamper data ,greasy
> monkey or any other windows tools ).
>
> Note : please don't suggest perl scripts or linux related scripts even
> though I would love to work upon :(  Coz this is a windows
> environment.
>
>
> Thanks in advance for sharing your experiences :)
>
> regards,
> Vinox

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------