download
- PDF Paper - XSS TunnellingMD5: 6FC8C1B79FD57A8E351B1B1C8ECDBDB5
SHA1:4F14165D933A8603EC00319BAEBD2374D90F9020
readme / man page
licence
summary
XSS Tunnelling
XSS Tunnelling is the tunnelling of HTTP traffic through an XSS Channel to use virtually any application that supports HTTP proxies. This paper explains the idea and the real world implementation.
Tools mentioned in the paper:
Last Updated : 02/04/2008 10:25:00
Related Applications
- BSQL brute forcer V2Updated version of the Blind SQL Injection Brute Forcer from www.514.es. Works against PostgreSQL, MySQL, MSSQL and Oracle and supports custom SQL Queries.
- BSQL HackerBSQL (Blind SQL) Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities virtually in any database.
- DoS Attacks Using SQL WildcardsThis paper discusses abusing Microsoft SQL Query wildcards to consume CPU in database servers. This can be achieved using only the search field present in most common web applications.
- Flash Security
- hoppyHTTP options prober and information disclosure scanner
- How to Detect and Exploit 99% of XSS Vulnerabilities
- Insecure Trends in Web 2.0 Applications
- XSS ShellXSS Shell is a powerful XSS backdoor, in XSS Shell one can interactively send requests and get responses from victim and it allows you to keep the control of session
