XSS and Fuzzing
Published: Fri, 03 Aug 2007 10:02:34 GMT
Updated: Sat, 22 Mar 2025 15:38:02 GMT
I've been doing a bit of manual testing on a project that Mario & others are creating, I don't usually do a lot of XSS cause I find it a bit boring doing the same stuff, so I decided to come up with some new vectors which I found cool. The only problem was creating the event handlers etc because they are obviously protected by the phpids, so I decided to write a little fuzzer to save me time :)
Fuzzer
At the moment it's only very basic but I plan to expand upon it, so stay tuned for updates but until then have a look:- Basic fuzzer
New vectors
I thought I'd better save it as a text file in case they execute on any rss aggregators:- Demo