|
Penetration Testing
mailing list archives
Re: XSS LAB DEMO IDEAS
From: "Kevin Spett" <kspett () spidynamics com>
Date: Mon, 6 Jan 2003 14:57:23 -0500
The site we use for our paper (http://www.spidynamics.com/mktg/xss/) is
online at http://endo.webappsecurity.com/ Feel free to use it to educate
people about XSS... As the Unix Terrorist stated so succinctly at Defcon,
"Cross-site scripting is an issue that affects us all."
Kevin Spett
SPI Labs
http://www.spidynamics.com/
----- Original Message -----
From: "Jeremy Junginger" <jj () act com>
To: "pen-test" <pen-test () securityfocus com>
Sent: Monday, January 06, 2003 12:00 PM
Subject: XSS LAB DEMO IDEAS
After reading the papers by iDefense and the paper at
http://www.technicalinfo.net/papers/CSS.html , I would like to put a
working example together to familiarize our web developers with XSS
vulnerabilities and their impact on the web site (and business). I
would like to poll the group for interesting ways to demonstrate these
vulnerabilities in a lab environment. Thanks for taking the time to
give your input.
-Jeremy
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
 By Date 
By Thread
Current thread:
|
Intro
