XAB leverages web sites and client browsers to build a network of drones. It is not intended to replace the current anonymous browsing applications, but to provide an alternative that does not require willing participants.
It is a must-have tool for security testers and developers to audit their own development or that of third parties.
Tagged as:
audit,
cross-site scripting,
web application security,
XAB
Today, we have this post from ha.ckers.org, written by RSnake.
XSS (Cross Site Scripting) Cheat Sheet For Filter Evasion is an interesting post about Cross Site Scripting. The author has done an amazing job that we think deserves applause.
This cheat sheet is for [...]
Tagged as:
cross-site scripting,
PPOTD,
xss,
XSS security
We have previously written about Microsoft CAT.NET here. Now, the Microsoft Security Tools team has released another one-month beta program of CAT.NET – the CAT.NET 2.0 – Beta!
“CAT.NET is a binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site [...]
Tagged as:
auditing tool,
Code Analysis Tool,
cross-site scripting,
SQL Injection,
Vulnerability Scanner