Tag Archive | "XSS"


05 February 2010 | 8,794 views

SecuBat – Modular Web Vulnerability Scanner

As the popularity of the web increases and web applications become tools of everyday use, the role of web security has been gaining importance as well. The last years have shown a significant increase in the number of web-based attacks. For example, there has been extensive press coverage of recent security incidences involving the loss [...]

Continue Reading


04 January 2010 | 5,040 views

Researcher Uncovers XSS Flaws In Twitter and Google Calendar

More flaws discovered in Twitter and Google Calender during the holiday season. Once again XSS flaws have been discovered in popular web apps, but at least they were reported and not used nefariously this time. Fixes have been issued promptly by both Google and Twitter so there is not much cause for concern this time [...]

Continue Reading


14 December 2009 | 6,782 views

Microsoft CAT.NET v1.1.1.9 – Binary Code Analysis Tool .NET

CAT.NET is a binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection and XPath Injection. CAT.NET is a snap-in to the Visual Studio IDE that helps you identify security flaws within a managed code (C#, Visual [...]

Continue Reading


27 October 2009 | 4,445 views

Yokoso! – Web Infrastructure Fingerprinting & Delivery Tool

Yokoso! is a project focused on creating fingerprinting code that is deliverable through some form of client attack. This can be used during penetration tests that combine network and web applications. One of the most common questions we hear is “so what can you do with XSS?” and we hope that Yokoso! answers that question. [...]

Continue Reading


21 September 2009 | 30,135 views

Websecurify – Web Security Testing Framework

Websecurify is a web and web2.0 security initiative specializing in researching security issues and building the next generation of tools to defeat and protect web technologies. Key Features JavaScript – Websecurify Security Testing Framework is the first tool of its kind to be written entirely in JavaScript using only standard technologies adopted by the leading [...]

Continue Reading


11 May 2009 | 6,672 views

Durzosploit v0.1 – JavaScript Exploit Generation Framework

Durzosploit is a JavaScript exploit generation framework that works through the console. This goal of that project is to quickly and easily generate working exploits for cross-site scripting vulnerabilities in popular web applications or web sites. Please note that Durzosploit does not find browser vulnerabilities, it only is an framework containing exploits you can use. [...]

Continue Reading


30 April 2009 | 3,250 views

Amazon Disputes Hacker Claims of Ranking Manipulation

A while back it was all over the blogs and Twitter that Amazon had somehow demoted Gay and Lesbian themed books to keep them from showing up in searches. There was outrage from all the civil rights folks especially in the LBGT camp (rightfully so if it was true). After that the rumour started the [...]

Continue Reading


14 April 2009 | 4,414 views

Twitter Battered By Powerful Worm Attacks

We’ve written about Twitter quite a few times now, with it’s click-jacking vulnerability, twitter phishing attacks and various other issues. It’s no surprise it’s being targeted though as it’s now the 3rd biggest social network after Facebook and Myspace. Within a relatively short time period it’s overtaken almost everyone else. This weekend it suffered a [...]

Continue Reading


25 March 2009 | 8,607 views

ProxyStrike v2.1 Released – Active Web Application Proxy Tool

In April last year we wrote about ProxyStrike, recently the developer has released a couple of new versions – the latest being v2.1. ProxyStrike is an active Web Application Proxy, is a tool designed to find vulnerabilities while browsing an application. It was created because the problems we faced in the pentests of web applications [...]

Continue Reading


23 October 2008 | 23,587 views

XSS-Proxy – Cross Site Scripting Attack Tool

XSS-Proxy is an advanced Cross-Site-Scripting (XSS) attack tool. The documents, tools and other content on this site assume you have a basic understanding of XSS issues and existing exploitation methods. If you are not famliar with XSS, then I recommend you check out the primer links/docs below to get a better of idea of what [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·