Full Disclosure: Re: Anehta0.6.0 -- a new XSS Attack Platform!

["Mike C" <mike.cartall () gmail com>]

2008/11/25 pst axis <axis () ph4nt0m org>

>  Anehta is an open source XSS Attack Platform which is maintained by
> axis () ph4nt0m org
>
>
>
> Project Home: http://anehta.googlecode.com
>
> Demo Video:
> http://hi.baidu.com/aullik5/blog/item/cb4cd5899283b093a4c272a9.html
>
> Online Demo: http://www.secwiki.com/anehta
>
> Download: http://anehta.googlecode.com/files/anehta-v0.6.0fixed.zip
>
>
>
> It contains a javascript framework called anehta.js which is something like
> "attackAPI" to help hackers write XSS payloads easier, and more than that
> ,there is an administrative panel which implemented by PHP to help manage
> the clients.
>
>
>
> Many good ideas are included in anehta project, some of the ideas you might
> never seen before.
>
> You can really maximize your profits gained from XSS by lauching anehta.
>
> I'm not sure you should word it that way. While full-disclosure is the best
way to security utopia, touting a tool for it's malicious use will only
serve to provide fodder to those who are opposed to full-disclosure.

HD Moore has handled this well with his framework.

-- 
MC

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/