Penetration Testing mailing list archives

Re: Frameworks to exploit AV gw and Browser?

From: "Joshua Gimer" <jgimer () gmail com>
Date: Wed, 31 Dec 2008 14:35:14 -0700

On Wed, Dec 31, 2008 at 12:22 PM, Richard Miles
<richard.k.miles () googlemail com> wrote:

One of this projects was a framework for client side "browser"
attacks. Where they had implemented a common evil web page which
detects technology the client use (java, flash, etc) and the browser
itself (IE, FF) and try different vectors of exploits which match.

Someone know this project? Or someone related?


How about:

Browser Rider: http://engineeringforfun.com/browserrider.html
BeFF: http://www.bindshell.net/tools/beef
Backframe: http://www.darknet.org.uk/2006/12/backframe-formerly-backweb-javascript-attack-console/

-- 
Thx
Joshua Gimer

Current thread:

RE: Frameworks to exploit AV gw and Browser? alessandro telami (Jan 03)
- Re: Frameworks to exploit AV gw and Browser? Richard Miles (Jan 03)
- <Possible follow-ups>
- Re: Frameworks to exploit AV gw and Browser? Joshua Gimer (Jan 03)
- Re: Frameworks to exploit AV gw and Browser? H D Moore (Jan 03)
  - Re: Frameworks to exploit AV gw and Browser? Richard Miles (Jan 05)
- Re: Frameworks to exploit AV gw and Browser? Patrick Webster (Jan 06)