XSS LAB DEMO IDEAS

From: Jeremy Junginger (jj@act.com)
Date: 01/06/03

  • Next message: Loki: "Re: XSS LAB DEMO IDEAS"
    Date: Mon, 6 Jan 2003 10:00:48 -0700
    From: "Jeremy Junginger" <jj@act.com>
    To: "pen-test" <pen-test@securityfocus.com>
    
    

    After reading the papers by iDefense and the paper at
    http://www.technicalinfo.net/papers/CSS.html , I would like to put a
    working example together to familiarize our web developers with XSS
    vulnerabilities and their impact on the web site (and business). I
    would like to poll the group for interesting ways to demonstrate these
    vulnerabilities in a lab environment. Thanks for taking the time to
    give your input.

    -Jeremy

    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:
    https://alerts.securityfocus.com/



    Relevant Pages

    • RE: Laboratory Setup Help (RS)
      ... >> This list is provided by the SecurityFocus Security ... For more information on SecurityFocus' SIA service which ... >> vulnerabilities please see: ... >This list is provided by the SecurityFocus Security Intelligence Alert ...
      (Pen-Test)
    • RE: Laboratory Setup Help (RS)
      ... You can find information on vulnerable packages from the distribution's ... GNU/Linux distributions (either the database or the advisories sent to ... > This list is provided by the SecurityFocus Security ... > vulnerabilities please see: ...
      (Pen-Test)
    • Re: Scanners and unpublished vulnerabilities - Full Disclosure
      ... > often the very latest vulnerabilities come into play in their work. ... SecurityFocus was working on for CORE ST to report to a series of vendors ... > holes Microsoft fixed. ...
      (Pen-Test)
    • RE: Vulnebrability level definition
      ... 'severity' of a given vulnerability, and this severity can change with time. ... different methodologies to rate vulnerabilities and present the associated ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
      (Pen-Test)
    • RE: Cross Site Scripting Vulnerabilities - XSS
      ... Cross Site Scripting Vulnerabilities - XSS ... >> This list is provided by the SecurityFocus Security Intelligence ... For more information on SecurityFocus' SIA service which ...
      (Pen-Test)