WebApp Sec mailing list archives
Re: XSS online tester
From: Sandeep Shetty <sandeep.s () directi com>
Date: Wed, 11 Jan 2006 20:27:55 +0530
Hey, Matthieu wrote:
I'll would like to know if you know some interesseting urls which test online XSS vulnerabilitiesI've searched on google, but I can't found some online free scanner. best regards
Was at a presentation once where Rasmus Lerdorf (PHP creator) showed a tool that he had developed internally at Yahoo in order to detect security holes in web apps. He was going to open source it but realized that a majority of the sites he tested using it had vulnerabilities that could be exploited. So he decided to not give it away since the tool makes it very easy to detect potential XSS exploits to the wrong people. However, you can get in touch with him and he will scan your site for you.
Here is someone else talking about the same tool. http://b2evolution.net/news/2005/11/13/b2evolution_passing_the_scanmus_test Sandeep Shetty ------------------------------------------------------------------------- This List Sponsored by: WatchfireWatchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download AppScan 6.0 today.
https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh --------------------------------------------------------------------------
Current thread:
- XSS online tester Matthieu (Jan 11)
- Re: XSS online tester Sandeep Shetty (Jan 13)
- Re: XSS online tester Matthieu (Jan 12)
- Re: XSS online tester Sandeep Shetty (Jan 13)