[OWASP-Bangalore] Exploit-Me: a suite of Firefox web application security testing tool

Sumit Kumar k.sumit.us at gmail.com
Thu Dec 18 04:42:44 EST 2008


Not sure, if people on this list are already aware of this tool for firefox.
Please see http://www.securitycompass.com/exploitme.shtml Source code can
also downloaded from their website.

*XSS-Me*
 <http://www.securitycompass.com/exploit_me/xssme/xssme_faq.shtml>

Cross-Site Scripting (XSS) is a common flaw found in todays web
applications. XSS flaws can cause serious damage to a web application.
Detecting XSS vulnerabilities early in the development process will help
protect a web application from unnecessary flaws. XSS-Me is the Exploit-Me
tool used to test for reflected XSS vulnerabilities.

*SQL Inject-Me*
 <http://www.securitycompass.com/exploit_me/sqlime/sqlime_faq.shtml>

SQL Injection vulnerabilites can cause a lot of damage to a web application.
A malicious user can possibly view records, delete records, drop tables or
gain access to your server. SQL Inject-Me is the Exploit-Me tool used to
test for SQL Injection vulnerabilities.


*Access-Me*
 <http://www.securitycompass.com/exploit_me/accessme/accessme_faq.shtml>

Access vulnerabilites in an application can allow an attacker to access
resources without being authenticated. Access-Me is the Exploit-Me tool used
to test for Access vulnerabilities.
Cheers,
-Sumit
-- 

Phyllis Diller  - "I want my children to have all the things I couldn't
afford. Then I want to move in with them."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20081218/a0438577/attachment.html 


More information about the OWASP-Bangalore mailing list