XSS Warning – A Security Extension/Add-on for Firefox

Use Netsparker


XSS Warning is a extension/add-on for Firefox that filters malicious values to prevent Cross Site Scripting (XSS) attacks by malicious URLs (assuming you have Javascript enabled).

XSS Warning

XSS Warning 0.1.8 beta protect from:

  • URL attack
  • Redirect attack
  • Link code injection

Compatible with Firefox: 1.5 – 2.0.0

You can install and read more about XSS Warning here:

http://www.gianniamato.it/project/extension/xsswarning/

Posted in: Countermeasures, Security Software

,


Latest Posts:


Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.


13 Responses to XSS Warning – A Security Extension/Add-on for Firefox

  1. moons August 8, 2007 at 7:32 am #

    hm.. the webserver seems to be down

  2. Pedro August 8, 2007 at 1:32 pm #

    The server is working fine now…

  3. Tonny DS August 8, 2007 at 4:03 pm #

    NoScript add-on for Firefox is doing this too. It contains XSS blocking/warning and other security features.

    url: http://noscript.net

    disclaimer: I am not affiliated with noscript.net

  4. TheRealDonQuixote August 8, 2007 at 11:33 pm #

    Hmm, I dunno about using a beta release for a Firefox. Remember all the trouble that came from FasterFox when it first hit the scene?

    Oh and Tony is right about noscript. It works pretty well. At least I hope!! ;)

    BTW- Is the extension always going to be in Italian?

  5. Sandeep Nain August 9, 2007 at 4:51 am #

    No doubt really a good add on.. but still needs to be improved as there are several other ways of XSS attacks it doesn’t cover.

  6. Daniel August 13, 2007 at 1:03 pm #

    i think that things like this encourage lax browsing habits.
    it puts people in a sense of false security, thinking that since they have this xss gaurd installed, they can fling their Mastercard all over the web.

  7. Sandeep Nain August 16, 2007 at 1:01 am #

    Good one Daniel..

    I hope people will understand the difference between more secure and fully secure.. if they don’t then nobody can save them…

  8. Daniel August 16, 2007 at 1:43 am #

    i think you should have to take a class or go to defcon or something before you are allowed to do e-commerce

    because there are so many stupid people out there.

  9. Sandeep Nain August 16, 2007 at 2:35 am #

    well actually they dont need to do that… thats what hackers are for.. to teach them..if they get ripped off once…
    it will make them aware of these prevalent issues..
    also they will use their mastercard properly next time…

  10. Alfred Farrington August 16, 2007 at 6:27 pm #

    Let’s be real how many people are “uninformed” of computer insecurities I am pretty sure the people who are getting hacked are still using IE instead of Firefox anyway. :)

  11. Alfred Farrington August 16, 2007 at 6:28 pm #

    Not that Firefox makes you anymore secure but come on let’s be real here. People who read places like Darknet are the more informed ones.

  12. TheRealDonQuixote August 16, 2007 at 9:48 pm #

    @Alfred
    Yeah, the peeps around here are knowledgeable about security, but in the average office workplace…

    I used to spend hours trying to convince my old office buddies to NOT surf with IE or at least turn off JS while they where dorking around on myspace.

    I doubt I am the only one here who has had to break the bad news to a friend that their MSN/Myspace/Gmail/Orkut/whatever account is gone and there is no way to get it back. Trying to explain basic practices for better security always yields the same response, “That’s too complicated, can’t you just…”

    Sometimes I think they all have to get hacked before they start realizing that a computer is a tool, not a toy.

  13. Sandeep Nain August 17, 2007 at 12:10 am #

    TRDQ is absolutely right… I know so many people who think that computers is to help them and reduce their efforts. and now once they have internet and credit cads.. they can buy stuff sitting at home…

    and i FULLY AGREE with them… but these guys always forget that they have some responsibilities too.. and the very imp one is making themselves aware of the security threats… and also keeping their eyes open while making a transaction over internet