[ad] AttackAPI provides simple and intuitive web programmable interface for composing attack vectors. The project was primary inspired by the JythonShell applet. At its very early stage AttackAPI was a single extensible web enabled python console with a few modules. The 0.5 release of AttackAPI is purely JavaScript based. This is not a shift in […]
Javascript
Cross Site Scripting (XSS)
Cross Site Scripting, or know as XSS, is the most common basic web hacking technique… and harmless, as many would say… but on this matter I don’t really agree, that’s why I wrote this article. About XSS as I knew it is a very abstract definition for JavaScript injection, or at least this is what […]
Sprajax – An Open Source AJAX Security Scanner
[ad] Denim Group Ltd. announced today the public release of Sprajax, an open source web application security scanner developed to assess the security of AJAX-enabled web applications. Sprajax is the first web security scanner developed specifically to scan AJAX web applications for security vulnerabilities. Denim Group, an IT consultancy specializing in web application security, recognized […]
AJAX: Is your application secure enough?
Introduction We see it all around us, recently. Web applications get niftier by the day by utilising the various new techniques recently introduced in a few web-browsers, like I.E. and Firefox. One of those new techniques involves using Javascript. More specifically, the XmlHttpRequest-class, or object. Webmail applications use it to quickly update the list of […]