Sla.ckers.org
XSS Rays
Posted by: Gareth Heyes
Date: March 25, 2009 03:54AM

I wrote my own XSS scanner in JavaScript as a bookmarklet.

http://www.thespanner.co.uk/2009/03/25/xss-rays/

Updates….

The latest version of XSS Rays is now online (0.5.0); it contains some speed improvements and bug fixes.

1. Fixed conflicts with form elements with the name action or submit, which were causing form posts not to be submitted. Thanks Mike W
2. Removed unneeded cleanup code now the IE onload works.
3. Added the ability to exclude certain field types and names from being XSS’d.
4. Fixed name vector to specify window.name which was causing conflicts with image elements.
5. Fixed and checked same origin code. Thanks to Arshan who gave me a kick up the backside :)

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]



Edited 1 time(s). Last edit at 03/27/2009 09:44AM by Gareth Heyes.
