Penetration Testing mailing list archives
Re: XSS frameworks
From: Marco Ivaldi <raptor () mediaservice net>
Date: Fri, 10 Oct 2008 11:13:20 +0200 (ora solare Europa occidentale)
On Thu, 9 Oct 2008, natron wrote:
XSS-Proxy allows you to turn an XSS hole into a proxy to surf from the users perspective, with some limitations. Will need modification to be useful for anything other than a demo. http://xss-proxy.sourceforge.net/
See also XSS Shell and XSS Tunnel, at: http://www.portcullis-security.com/16.php http://www.portcullis-security.com/uplds/whitepapers/XSSTunnelling.pdf http://ferruh.mavituna.com/blogs/xsstunnelling-video.zip BeEF, the Browser Exploitation Framework, may also be useful: http://www.bindshell.net/tools/beef/ -- Marco Ivaldi, OPST Red Team Coordinator Data Security Division @ Mediaservice.net Srl http://mediaservice.net/ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- XSS frameworks lister (Oct 09)
- Re: XSS frameworks natron (Oct 10)
- Re: XSS frameworks Marco Ivaldi (Oct 10)
- Re: XSS frameworks Nikhil Wagholikar (Oct 11)
- Re: XSS frameworks Adriel Desautels (Oct 12)
- Re: XSS frameworks natron (Oct 10)