Just a quick post to let you know I’ve updated Astalanumerator in case you use it somewhere. I use codeplex to host it as I thought I’d give it a whirl as I’ve seen other people host their projects and it looks decent. This version contains various CSS fixes and tracks each object within links […]

Custom setters syntax are being removed from Firefox in the next version.. boo I here you say well at least some of you. If you don’t know Firefox decided it would create it’s own setter syntax (I love it when you do that you know) ages ago and it looked something like this:- a setter=alert,a=1//calls […]

I hate to use the word Ajax because there’s no XML involved just nice JSON but Hackvertor now has Ajax applications! At the moment it’s very rough around the edges but it will improve when I get more spare time to work on them. What does it mean? Well you can now share actual HTML/JS […]

Birth of the regex sandbox I decided today to do a proper blog post to explain my reasons for creating regex sandboxes. I don’t often write a lot of words on this blog partly because I’m not very good a making long meaningful sentences and partly because I think the point can often be made […]

I’ve been having a bit of a fight with DOM CSS. Single css rules in various browsers are carried over to two or more rules in some instances depending which characters you use. This was playing havoc on my HTMLReg sandbox, I whitelist allowed rules so I can’t allow rules to be injected. The IE […]

Yeah you knew it was coming. This was easier than JavaScript parsing because I can use both the HTML and CSS renderers of the browser to make sure I can parse the code safely. So really this is CSS/HTML reg, I don’t support the style tag yet but that shouldn’t be difficult as I can […]

I wanted a sexy object enumerator. There wasn’t any. So I developed the terminator of enumerators “astalanumerator”. I have since integrated it into Hackvertor because that where I seem to put everything nowadays. Anyway you can use it by visiting:- 1. http://hackvertor.co.uk/public 2. Type window into the output 3. Click Inspect. Yeah damn sexy eh? […]

My one man mission to create a social coding network is going well, if you read this blog previously you’ll remember my attempts at a JavaScript sandbox until I finally settled on JSReg as a method. I’ve refined the process of creating tags after trying to build them myself using the editor. How to create […]

Over the weekend Stefano Di Paola broke my JSReg sandbox with some awesome vectors in particular the Opera one. He took my challenge after I laid down the gauntlet on the web app sec list. If you have some sandbox you want breaking, some Flash you need testing or general pen test work you should […]

I’m not a developer any more so I find it difficult to update the experiments I’ve been working on but I managed today to upload the work I’ve done with JSReg and update Hackvertor. They are both integrated closely together because Hackvertor allows untrusted Javascript using JSReg. The recent upgrade to JSReg allowed me to […]