Penetration Testing mailing list archives
XSS frameworks
From: lister () lihim org
Date: Thu, 9 Oct 2008 10:47:50 -0500
Not looking to re-invent the wheel, I'm looking for existing availability of XSS code to "gather" and "exploit" XSS tests as part of a pen-test. I'm aware of the following * AttackAPI * W3AF * XSSDB (the link is not working for some reason), is there a cached version? * rsnake cheatsheet * xss me (firefox plugin) Looking for a framework that I can use/build on, I have my own webservers/cgi available to grab session cookies, etc, but I'd like to see what frameworks already exist. Not so much interested in how to check for XSS, but rather a way to exploit a given XSS vulnerability if I have my own webserver and ability to write scripts to actively take advantage of XSS as part of a pen-test. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- XSS frameworks lister (Oct 09)
- Re: XSS frameworks natron (Oct 10)
- Re: XSS frameworks Marco Ivaldi (Oct 10)
- Re: XSS frameworks Nikhil Wagholikar (Oct 11)
- Re: XSS frameworks Adriel Desautels (Oct 12)
- Re: XSS frameworks natron (Oct 10)