[OWASP-Washington] Updated XSS-Proxy
chuck.lists at gmail.com
Wed Apr 20 15:41:36 EDT 2005
Attached is an updated version of Anton Ranger's XSS-Proxy with
some changes I have made to make it a little easier to use and to add
a couple things. Some of the code is kind of ugly, but it seems to
work :-) I sent Anton a copy a while ago, but he hasn't put it up on
the sourceforge site so I figured I would send it out to you all.
Basically what I added is:
# - added passcode for some security (you should change this passcode
for your installation)
# - added CSRF Posting ability
# - added Cross Site Trace Button (very much a kludge, but it works)
# - fixed some display problems (html-encoded some output that needed it)
# - added "help" link which displays Anton's whitepaper
# - added some examples to the admin page
If it would be useful, I can demo this at the meeting on Tuesday.
Regardless, please take a look at it and let me know what you think.
I actually haven't
messed with it for a little while, so I hope that there wasn't something
broken in there that I left out.
Have a good one.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 26017 bytes
Desc: not available
Url : http://lists.owasp.org/pipermail/owasp-washington/attachments/20050420/0b67631c/attachment.bin
More information about the Owasp-washington