Exploit-Me is a suite of Firefox web application security testing tools. Exploit-Me tools are designed to be lightweight and easy to use. Instead of using a proxy like many web application testing tools, Exploit-Me integrates directly with Firefox. It currently consists of two tools, one for XSS and one for SQL Injection. The Exploit-Me series […]
OWASP JBroFuzz is a stateless network protocol fuzzer that emerged from the needs of penetration testing. Written in Java, it allows for the identification of certain classess of security vulnerabilities, by means of creating malformed data and having the network protocol in question consume the data. The purpose of this application is to provide a […]
Google has fixed a security flaw in its desktop search software that created a means for hackers to rifle through personal files on users’ PCs. A failure in Google Desktop to “properly encode output containing malicious or unexpected characters” created a means for hackers to cross from the web environment to the desktop application environment. […]
This was a while ago, but once again unsurprising..The amount of security holes that have been discovered in MySpace (to say they hold some pretty confidential info and are a preying ground for paedos..it’s a scary thought). Once again an XSS flaw shows up in MySpace. digi7al64 found yet another hole in myspace using non-alpha-non-digit […]
Tags: cross-site-scripting, hacking-myspace, myspace, myspace-hacking, myspace-xss, XSS, xss-vulnerability
Posted in: Exploits/Vulnerabilities, Web Hacking | Add a CommentXSS Shell is a powerful XSS backdoor which allows interactively getting control over a Cross-site Scripting (XSS) vulnerability in a web application. Demonstrates the real power and damage of Cross-site Scripting attacks. WHAT IS XSS SHELL ? XSS Shell is powerful a XSS backdoor and zombie manager. This concept first presented by XSS-Proxy (http://xss-proxy.sourceforge.net/). Normally […]
Tags: cross-site-scripting, darknet, ferruh, hacking, Hacking Tools, Web Hacking, XSS, xss-shell, XSSSHell
Posted in: Hacking Tools, Web Hacking | Add a CommentNetscape.com has been hacked via a persistent Cross Site Scripting (XSS) vulnerability in their newly launched Digg-like news service. It seems the attacker did report the flaw to them repeatedly but they didn’t heed and ignored it, so he performed the XSS all over the site. eplawless stated the following: It was me. I did […]
Tags: cross-site-scripting, hacking, netscape-hack, netscape-hacked, Web Hacking, web-application-security, XSS
Posted in: General Hacking, Web Hacking | Add a Comment
