[Full-disclosure] Web Security and Bookmarklet Exploits
pdp (architect)
pdp.gnucitizen at googlemail.com
Sun Mar 18 08:58:20 GMT 2007
http://www.gnucitizen.org/blog/sex-candies-and-bookmarklet-exploits
http://www.gnucitizen.org/projects/technika/
I have rolled out a new Technika browser extension. It is very small
and extremely fast. Technika also integrates with Firebug, so you can
easily test and compose Bookmarklets on the fly. The article that I
pointed above discusses how Bookmarklets can be used to compose web
app exploits. There is a framework similar to metasploit that will
come out very soon. I thought that it might be a good idea to share
these ideas now, so the community knows what to expect in the future.
Thanks.
--
pdp (architect) | petko d. petkov
http://www.gnucitizen.org
Full-Disclosure is hosted and sponsored by Secunia.