The Spanner

Category Archives: html

Tag inspector

I’ve been trying to automate the stuff that I normally do when XSS testing to make it easier than writing custom scripts each time. This worked really well for my fuzzing script which fuzzed random characters embedded into tags to find unusual combinations of characters. I’ve done the same again but this time it inspects [...]

¶ Posted 22 November 2007 † Gareth Heyes § Security § Tag Inspector § javascript § xss ‡ Comments (8)

iframes are evil

If I was in charge of browser security I would completely remove them, they are just a bad idea, I predict a huge rise of iframe based attacks from browser exploits to CSRF. I know this won’t happen because there are too many people who use them and don’t understand the security implications.
So I [...]

¶ Posted 09 September 2007 † Gareth Heyes § Security ‡ Comments (9)

Inspiration
- Arshan
- Ascetik
- beford
- Billy Rios
- Chris Weber
- David Ross
- Eric Lawrence
- hackademix
- Hackvertor
- Halvar Flake
- Jesse Ruderman
- Joe Walker
- John Resig
- Kuza55
- maliciousmarkup
- Manuel Caballero
- Matt Presson
- Miscoded
- nihilogic
- PHPIDS
- pro.grammatic
- Reiners
- rgaucher
- rvdh
- Sirdarckcat
- sla.ckers
- Stefan Esser
- Stefano Di Paola
- Thornmaker
- tssci-security
- ush.it
- Web Reflection
- xorl
- Yosuke HASEGAWA
Recent Comments
RSS Links
- All posts
- All comments
March 2010

M T W T F S S

« Feb

1 2 3 4 5 6 7

8 9 10 11 12 13 14

15 16 17 18 19 20 21

22 23 24 25 26 27 28

29 30 31
Home

The Spanner

Category Archives: html

Tag inspector

iframes are evil

Inspiration

Recent Comments

RSS Links

Category Archives

Search

Advert

March 2010
M	T	W	T	F	S	S
« Feb
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31