gazheyes at gmail.com
Tue Sep 11 11:42:05 UTC 2012
On 11 September 2012 11:24, Johanna Curiel <johanna.curiel at owasp.org> wrote:
> this looks like an excellent tool. With this I'll be able to test the
> vectors in the newest browsers and also check the sucessfull ones.
Shazzer also has a JSON API btw so you can automatically construct
Get a list of public vectors:
Get a specific vector:
The JSON includes a template for the vector as well as a PoC url
Any non displayable characters are urlencoding.
You can find all sorts of vulnerabilities from crashes, charset issues and
DOM xss issues such as recently I found Firefox translates the host part of
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders