I’ve sat on the concept for a long time and it has had many names but I’ve got a bit of free time now so I decided to create a proof of concept. It isn’t perfect yet and there may be false positives due to a few bugs but if you read my blog you […]

Ronald and I had a good conversation about Javascript regular expressions comparing them to PHP. He was having difficultly with the syntax because he was used to preg in PHP so I promised to share my knowledge gained from developing various online scripts. First up preg_match in PHP can be achieved using the match function […]

Eric Butera emailed me with a very interesting topic about protecting against PHP_SELF exploits. I thought it might be a good idea to gather a few test cases demonstrating the problem. Why PHP allows these URL’s is beyond me and it wouldn’t take much work to filter out these malicious URL’s in the PHP code. […]

I’ve updated the design and layout of Hackvertor along with some new tags and features. In the next few weeks I plan to tidy the code up and reduce a lot of functions. If you have any feature suggestions then please leave a comment, SQL injection tags are planned for the next release along with […]

Developers place too much trust in everything, they assume that certain data cannot be faked and therefore these pieces of data can be used as a Trojan horse. Lets take the REMOTE IP of a user, it seems a trusted source because of the TCP/IP connection between the user and the server but take the […]

When someone uses htmlentities I’ve seen it time and time again that they expect that it filters variables from all XSS. This is wrong of course because the function requires a second parameter ENT_QUOTES which correctly replaces quote characters. Some developers aren’t even aware that quotes can lead to XSS injection. This leads me to […]

I thought I’d continue the theme of experimenting with XSS and trying different things, I haven’t seen this written about anywhere so here goes. The idea is using CSS as a XSS payload, this can be useful when filters allow some things but make it difficult to construct an attack. I’ve decided to call it […]

I like the topic of CSRF because it’s such a difficult problem to solve, I was thinking about ways a browser can prevent CSRF and I’ve come up with the following solutions:- 1. After a domain name any image/object/frame etc request is truncated by a user definable setting. Limiting the amount of data an attacker […]

I’ve been busy…real busy on Hackvertor 🙂 so I thought it might be a good idea to explain the ideas behind it. Please note Hackvertor is currently only tested under Firefox. I may support other browsers in future. What is it? It’s many things: a conversion utility, browser hacking platform, targeted fuzzing tool, XSS filter […]

I’ve decided to create a video demo of Hackvertor to display the new features I’ve added. The tool is quite powerful now and it is even able to solve my a bit of fun challenge. I didn’t want to waste the bandwidth of my server because of costs so sorry about the adverts displayed in […]