[Owasp-leaders] Help...

gaz Heyes gazheyes at gmail.com
Thu Sep 6 08:16:22 UTC 2012


On 5 September 2012 23:13, Tim <tim.morgan at owasp.org> wrote:

> I think that would be pretty key to making it useful again.  I find
> that I use RSnake's cheat sheet once every 2-3 assessments for the
> more tricky XSS contexts, but it is getting pretty out of date and
> many of the tricks don't work any longer.
>

Personally I've moved on from static cheatsheets, like you say they are
always out of date. I prefer to share results "live" and allow users to
create and fuzz their own vectors.
<http://shazzer.co.uk/database/All/Entities-allowed-before-js-protocol>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120906/c303a320/attachment.html>


More information about the OWASP-Leaders mailing list