XSS LAB DEMO IDEAS

From: Jeremy Junginger (jj@act.com)
Date: 01/06/03

Next message: Loki: "Re: XSS LAB DEMO IDEAS"

Previous message: gman .: "Re: command-line reverse connection tunnel?"
Next in thread: Loki: "Re: XSS LAB DEMO IDEAS"
Reply: Loki: "Re: XSS LAB DEMO IDEAS"
Reply: Mark Curphey: "Re: XSS LAB DEMO IDEAS"
Reply: Kevin Spett: "Re: XSS LAB DEMO IDEAS"
Maybe reply: Dawes, Rogan (ZA - Johannesburg): "RE: XSS LAB DEMO IDEAS"
Maybe reply: Fermín J. Serna: "Re: XSS LAB DEMO IDEAS"
Maybe reply: Jeremy Junginger: "RE: XSS LAB DEMO IDEAS"
Maybe reply: Dawes, Rogan (ZA - Johannesburg): "RE: XSS LAB DEMO IDEAS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 6 Jan 2003 10:00:48 -0700
From: "Jeremy Junginger" <jj@act.com>
To: "pen-test" <pen-test@securityfocus.com>

After reading the papers by iDefense and the paper at
http://www.technicalinfo.net/papers/CSS.html , I would like to put a
working example together to familiarize our web developers with XSS
vulnerabilities and their impact on the web site (and business). I
would like to poll the group for interesting ways to demonstrate these
vulnerabilities in a lab environment. Thanks for taking the time to
give your input.

-Jeremy

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: Loki: "Re: XSS LAB DEMO IDEAS"
Previous message: gman .: "Re: command-line reverse connection tunnel?"
Next in thread: Loki: "Re: XSS LAB DEMO IDEAS"
Reply: Loki: "Re: XSS LAB DEMO IDEAS"
Reply: Mark Curphey: "Re: XSS LAB DEMO IDEAS"
Reply: Kevin Spett: "Re: XSS LAB DEMO IDEAS"
Maybe reply: Dawes, Rogan (ZA - Johannesburg): "RE: XSS LAB DEMO IDEAS"
Maybe reply: Fermín J. Serna: "Re: XSS LAB DEMO IDEAS"
Maybe reply: Jeremy Junginger: "RE: XSS LAB DEMO IDEAS"
Maybe reply: Dawes, Rogan (ZA - Johannesburg): "RE: XSS LAB DEMO IDEAS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: Laboratory Setup Help (RS)
... >> This list is provided by the SecurityFocus Security ... For more information on SecurityFocus' SIA service which ... >> vulnerabilities please see: ... >This list is provided by the SecurityFocus Security Intelligence Alert ...
(Pen-Test)
RE: Laboratory Setup Help (RS)
... You can find information on vulnerable packages from the distribution's ... GNU/Linux distributions (either the database or the advisories sent to ... > This list is provided by the SecurityFocus Security ... > vulnerabilities please see: ...
(Pen-Test)
Re: Scanners and unpublished vulnerabilities - Full Disclosure
... > often the very latest vulnerabilities come into play in their work. ... SecurityFocus was working on for CORE ST to report to a series of vendors ... > holes Microsoft fixed. ...
(Pen-Test)
RE: Vulnebrability level definition
... 'severity' of a given vulnerability, and this severity can change with time. ... different methodologies to rate vulnerabilities and present the associated ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
(Pen-Test)
RE: Cross Site Scripting Vulnerabilities - XSS
... Cross Site Scripting Vulnerabilities - XSS ... >> This list is provided by the SecurityFocus Security Intelligence ... For more information on SecurityFocus' SIA service which ...
(Pen-Test)