Durzosploit is a JavaScript exploit generation framework that works through the console. This goal of that project is to quickly and easily generate working exploits for cross-site scripting vulnerabilities in popular web applications or web sites. Please note that Durzosploit does not find browser vulnerabilities, it only is an framework containing exploits you can use. […]
XSS
Amazon Disputes Hacker Claims of Ranking Manipulation
[ad] A while back it was all over the blogs and Twitter that Amazon had somehow demoted Gay and Lesbian themed books to keep them from showing up in searches. There was outrage from all the civil rights folks especially in the LBGT camp (rightfully so if it was true). After that the rumour started […]
Twitter Battered By Powerful Worm Attacks
[ad] We’ve written about Twitter quite a few times now, with it’s click-jacking vulnerability, twitter phishing attacks and various other issues. It’s no surprise it’s being targeted though as it’s now the 3rd biggest social network after Facebook and Myspace. Within a relatively short time period it’s overtaken almost everyone else. This weekend it suffered […]
ProxyStrike v2.1 Released – Active Web Application Proxy Tool
[ad] In April last year we wrote about ProxyStrike, recently the developer has released a couple of new versions – the latest being v2.1. ProxyStrike is an active Web Application Proxy, is a tool designed to find vulnerabilities while browsing an application. It was created because the problems we faced in the pentests of web […]
XSS-Proxy – Cross Site Scripting Attack Tool
[ad] XSS-Proxy is an advanced Cross-Site-Scripting (XSS) attack tool. The documents, tools and other content on this site assume you have a basic understanding of XSS issues and existing exploitation methods. If you are not famliar with XSS, then I recommend you check out the primer links/docs below to get a better of idea of […]