owaspscrubbr – Search your databases for stored cross-site scripting (XSS) attacks.

owaspscrubbr is a application penetration testing tool which i would like to use, or you can use to find vulnerable XSS and evade the database! Anyway, tools can be used according to human intentions. You use it according to your wishes.

Scrubbr is licensed under BSD. scrubbr is basically a database scanning tool that checks numerous database technologies for the presence of possible stored cross-site scripting attacks.

owaspscrubbr was partially inspired by “Scrawlr”, a trimmed-down version of HP’s WebInspect which was released for free after the so-called “asprox” mass-SQL injection bot exploited hundreds of thousands of insecure ASP sites.

owaspscrubbr Security generously help people get some visibility into their databases and check for malicious data.

It is in its initial stages so it has many bugs and may not stand up to your expecttion, If we contribute to its development we can also make it a good opensource tool for information security.

owasp scrubbr will be very slow on large enterprise databases, but its very useful to have assurance that there is no malicious data anywhere in the system. depends onn how much data are you crawling on to.

Download owasp scrubbr Here

Have Fun !!!

Related Blogs

• Related Blogs on antisamy
• hackademix.net » Samy, Anti-Samy and the Devil
• Shmoocon Pregame
• Introducing ABE

• Related Blogs on appsec

• Related Blogs on Database
• Directed Edge News » Blog Archive » On Building a Stupidly Fast …

• Related Blogs on owasp
• Working Session on SAMM at OWASP EU Summit | OpenSAMM
• OWASP Software Assurance Day Infosec Conference Event …
• SAMM Presentation at OWASP NYC 2008 | OpenSAMM

• Related Blogs on scrubbr
• Joyce Dallas

• Related Blogs on webappsec
• 2009 – The Year of WebAppSec Solutions at cat slave diary

• Related Blogs on xss
• All Night Diner : How addons.mozilla.org defends against XSS attacks
• Plush Dallas

Searches leading to this post:
owaspscrubbr, scrubbr, search database for xss, search xss database, stored cross site scripting, stored xss detection tool, stored xss scanner

Related Posts

• September 11, 2009 -- XSS Rays: JavaScript XSS scanner
• January 29, 2010 -- SecuBat – A Modular Web Vulnerability Scanner!
• January 8, 2010 -- iiScan – Identify Web Application Vulnerabilities!
• November 22, 2009 -- XSSTunnel: HTTP traffic through a XSS Channel!
• February 4, 2010 -- UPDATE: CAT.NET 2.0 – Beta!
• February 3, 2010 -- UPDATE: Nikto 2.1.1!
• January 27, 2010 -- WITOOL: A web SQL Injection Tool!
• January 15, 2010 -- List of Free Web Application Scanners!
• January 15, 2010 -- mySQLenum – Automatic blind sql injection tool

Tagged as: cross-site scripting, database exploiting tool, database security, owasp, owaspscrubbr, scrubbr, xss attack, XSS exploiting tool, XSS security