[Owasp-leaders] Help...

Jim Manico jim.manico at owasp.org
Wed Sep 5 23:00:55 UTC 2012


Once the initial port is complete I intend to rally the community to
update and maintain this key resource. I'm thrilled that RSnake was
kind enough to donate this - and I feel he did so in order to harness
the power of the wiki and community involvement.

Stay tuned, more to follow.

Regards,

--
Jim Manico
(808) 652-3805

On Sep 5, 2012, at 11:14 PM, Tim <tim.morgan at owasp.org> wrote:

>
> I think that would be pretty key to making it useful again.  I find
> that I use RSnake's cheat sheet once every 2-3 assessments for the
> more tricky XSS contexts, but it is getting pretty out of date and
> many of the tricks don't work any longer.
>
> Next time I have the need for the cheat sheet, I'll try to remember to
> use this new one and make any notes of any items I'm confident are
> outdated.  If everyone does that, it shouldn't be too long before we
> have it caught up with current behaviors.
>
> With that said, I think it may be useful to keep an archive of the old
> tricks that no longer work on any modern browser.  Perhaps stuffed in
> a separate section or page.  You never know when an old trick might
> become relevant again, particularly with the diversity of browser
> platforms we have these days.
>
> tim
>
>
> On Wed, Sep 05, 2012 at 10:01:53PM +0000, Erlend Oftedal wrote:
>> I suppose one thing people could start doing is test the vectors in newer browsers.
>>
>> Erlend
>> ________________________________
>> From: Jim Manico
>> Sent: 05.09.2012 18:32
>> To: Samantha Groves
>> Cc: owasp-leaders at lists.owasp.org
>> Subject: Re: [Owasp-leaders] Help...
>>
>> We're almost done with the initial port.
>>
>> https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
>>
>> --
>> Jim Manico
>> (808) 652-3805
>>
>> On Sep 5, 2012, at 3:47 PM, Samantha Groves <samantha.groves at owasp.org<mailto:samantha.groves at owasp.org>> wrote:
>>
>> Fabulous! I love the interest! Thank you, guys.
>>
>> Jim, what's the next step?
>>
>> SG
>>
>> On Sat, Sep 1, 2012 at 2:50 PM, Johanna Curiel <johanna.curiel at owasp.org<mailto:johanna.curiel at owasp.org>> wrote:
>> Hi Jim
>>
>> Me too!
>>
>> Regards
>>
>> Johanna
>>
>>
>>
>>
>> On 30 aug. 2012, at 19:51, Jim Manico <jim.manico at owasp.org<mailto:jim.manico at owasp.org>> wrote:
>>
>>> I'm seeking a volunteer to help convert the very famous:
>>>
>>> http://ha.ckers.org/xss.html
>>>
>>> to
>>>
>>> The OWASP XSS Filter Evasion Cheat Sheet (I think that's the right name).
>>>
>>> ...anyone interested?
>>>
>>> RSnake was kind enough to donate this to OWASP. It's going to be cool to see what the community will add to this.
>>>
>>> Aloha,
>>> Jim Manico
>>> OWASP Volunteer
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org<mailto:OWASP-Leaders at lists.owasp.org>
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org<mailto:OWASP-Leaders at lists.owasp.org>
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>> --
>>
>> Samantha Groves, MBA
>>
>> OWASP Project Manager
>>
>>
>> The OWASP Foundation
>>
>> London, United Kingdom
>>
>> Email: samantha.groves at owasp.org<mailto:samantha.groves at owasp.org>
>>
>> Skype: samanthahz
>>
>>
>>
>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


More information about the OWASP-Leaders mailing list