Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
The XSS Sandbox and the enhanced post forcer
Posted by: Kyo
Date: July 26, 2008 03:35PM

1) The XSS Sandbox

I just made this for the sake of making XSS testing easy and comfortable. It will give the data back and the source (so it's vulnerable to XSS, but that's the point). It also gives you a bunch of text encoding methods commonly used on sites to simulate the situation you're preparing yourself for. Then there's 3 custom regex and two custom string replaces for filters that are site specific.
It also gives you the option to submit the whole data per GET, if you want to post it on a forum or show it to someone.
Please report any bugs, or give me suggestions on what to add. I hope this helps you.

here's an example of it's usage:

2) The post forcer and the enhanced post forcer.

The difference is that the enhanced one doesn't leave a referrer. Those two tools were made because I did not know about the one that is already in existance, but IMO mine are more comfortable to use. Take a look and feel free to make suggestions.

oh and something you might also like:

the analyzerer. It basically tells you a shitload of info about your request

Edited 3 time(s). Last edit at 07/27/2008 08:21AM by Kyo.

Options: ReplyQuote
Re: The XSS Sandbox and the enhanced post forcer
Posted by: DoctorDan
Date: July 27, 2008 12:21AM

I like it! Good functionality.
Thanks for the tool :)

Options: ReplyQuote
Re: The XSS Sandbox and the enhanced post forcer
Posted by: Kyo
Date: July 27, 2008 05:26AM


I just added some more stuff to it too (and I increased the textarea sizes)

edit: and now I added the option to decide in what order the different filters are applied

Edited 1 time(s). Last edit at 07/27/2008 07:51AM by Kyo.

Options: ReplyQuote

Sorry, only registered users may post in this forum.