Tag Archives | cross-site-scripting




XSSYA – Cross Site Scripting (XSS) Scanner Tool

XSSYA is a Cross Site Scripting Scanner & Vulnerability Confirmation Tool, it’s written in Python and works by executing an encoded payload to bypass Web Application Firewalls (WAF) which is the first method request and response. If the website/app responds 200 it attempts to use “Method 2” which searches for the payload decoded in the […]

Topic: Hacking Tools, Web Hacking

Acunetix WVS (Web Vulnerability Scanner) 7 Review – Engine & Scanning Improvements

We wrote our first review of Acunetix WVS 6 back in January 2009 and published an update about the release of Acunetix Web Vulnerability Scanner (WVS) 6.5 in June 2009. The team over at Acunetix have been working hard on version 7 for quite some time and released a new build with added features earlier […]

Topic: Advertorial, Database Hacking, Exploits/Vulnerabilities, Hacking Tools, Networking Hacking, Web Hacking

Jarlsberg – Learn Web Application Exploits and Defenses

This codelab is built around Jarlsberg /yärlz’·bərg/, a small, cheesy web application that allows its users to publish snippets of text and store assorted files. “Unfortunately,” Jarlsberg has multiple security bugs ranging from cross-site scripting and cross-site request forgery, to information disclosure, denial of service, and remote code execution. The goal of this codelab is […]

Topic: Countermeasures, Exploits/Vulnerabilities, Web Hacking

PayPal Patches Critical Security Vulnerabilities

PayPal in the news again for a series of fairly high-profile vulnerabilities discovered by the same guy that found the XSS bugs in Google Calendar and Twitter (Nir Goldshlager). I’m glad people are looking at PayPal as I’m sure the volume of monetary transactions that pass through their site on a daily basis is huge. […]

Topic: Exploits/Vulnerabilities, Privacy, Web Hacking

x5s – Automated XSS Security Testing Assistant

x5s is a Fiddler add-on which aims to assist penetration testers in finding cross-site scripting vulnerabilities. It’s main goal is to help you identify the hotspots where XSS might occur by: Detecting where safe encodings were not applied to emitted user-inputs Detecting where Unicode character transformations might bypass security filters Detecting where non-shortest UTF-8 encodings […]

Topic: Hacking Tools, Web Hacking

Popular Tags

computer-security · darknet · ddos · dos · exploits · fuzzing · google · hacking-networks · hacking-websites · hacking-windows · hacking tool · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · pen-testing · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · windows · windows-security · Windows Hacking · worms · XSS ·