Search Results for "cross site scripting"

bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific...

As an open source penetration testing tool, IPTC-Attacker allows to create an image with IPTC metadata containing testing vectors for Cross-Site Scripting attacks. Each checkbox can be used to include a huge collection of payloads into the selected tags (HTML5sec, XSS Cheat Sheet). If a checkbox will be not selected, the string aaa'bbb"ccc<ddd is automatically included into the unchecked IPTC tag. Therefore, testing for XSS vulnerabilities via IPTC metadata is possible by looking into the source code of the attacked Web application; strictly speaking for aaa'bbb"ccc<ddd or alternatively by verifying if, for example, alert-windows appear due to the XSS vector collection.

HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more.

Hexjector is an Opensource,Cross Platform PHP script to automate Site Pentest for SQL Injection Vulnerabilties.