[OWASP-Washington] Updated XSS-Proxy
Ludwig, Andre
ludwiga at Fortrex.com
Wed Apr 20 16:14:55 EDT 2005
Awesome work, i will have to see if i can get some time to play with it this weekend..
Andre
-----Original Message-----
From: Chuck [mailto:chuck.lists at gmail.com]
Sent: Wed 4/20/2005 3:41 PM
To: owasp-washington at lists.sourceforge.net
Cc:
Subject: [OWASP-Washington] Updated XSS-Proxy
Hi all,
Attached is an updated version of Anton Ranger's XSS-Proxy with
some changes I have made to make it a little easier to use and to add
a couple things. Some of the code is kind of ugly, but it seems to
work :-) I sent Anton a copy a while ago, but he hasn't put it up on
the sourceforge site so I figured I would send it out to you all.
Basically what I added is:
# - added passcode for some security (you should change this passcode
for your installation)
# - added CSRF Posting ability
# - added Cross Site Trace Button (very much a kludge, but it works)
# - fixed some display problems (html-encoded some output that needed it)
# - added "help" link which displays Anton's whitepaper
# - added some examples to the admin page
If it would be useful, I can demo this at the meeting on Tuesday.
Regardless, please take a look at it and let me know what you think.
I actually haven't
messed with it for a little while, so I hope that there wasn't something
broken in there that I left out.
Have a good one.
Chuck
-----------------------------------------------------------------
Confidentiality Notice
The content of this communication, along with any attachments,
is covered by federal and state law governing electronic
communications and may contain confidential and legally privileged
information. If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination,
distribution, use or copying of the information contained herein is
strictly prohibited. If you have received this communication in
error, please immediately contact us by telephone at (301) 977-6966
or e-mail info at fortrex.com. Thank you.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/ms-tnef
Size: 4950 bytes
Desc: not available
Url : http://lists.owasp.org/pipermail/owasp-washington/attachments/20050420/73a5e0e6/attachment.bin
More information about the Owasp-washington
mailing list