Archives for the Month of June, 2008

Javascript protocol fuzz results

Well, it seems that Firefox 2.0.0.14 has provided the most interesting results with my protocol fuzzer.

Char: 56320, link: jav&#56320ascript:
Char: 56321, link: jav&#56321ascript:
Char: 56322, link: jav&#56322ascript:
Char: 56323, link: jav&#56323ascript:
Char: 56324, link: jav&#56324ascript:
Char: 56325, link: jav&#56325ascript:
,, ,, ,, ,,

All the way to:-

char: 57343, link: jav&#57343ascript:

and hex entities […]

Javascript protocol fuzzer

Continuing the theme of fuzzers, I’ve written a JavaScript protocol fuzzer. The goal was to try and produce every variation of JavaScript execution from links. It uses PHP and JavaScript in order to maximize the speed of scanning; this means it can scan around 5000 links at a time. Any ideas on improving the options […]

XSS tag fuzzer

It’s been a while since I’ve blogged but I’m pretty busy at the moment with my new baby and also moving jobs as I was made redundant. I thought I’d combine my work with my blogging as I’m working on some XSS vectors for IE8. During the process I built a simple tag fuzzer which […]