XSS and Fuzzing

Back to articles

hackvertor

Author:

Gareth Heyes

@hackvertor

Published: Fri, 03 Aug 2007 10:02:34 GMT

Updated: Sat, 22 Mar 2025 15:38:02 GMT

I've been doing a bit of manual testing on a project that Mario & others are creating, I don't usually do a lot of XSS cause I find it a bit boring doing the same stuff, so I decided to come up with some new vectors which I found cool. The only problem was creating the event handlers etc because they are obviously protected by the phpids, so I decided to write a little fuzzer to save me time :)

Fuzzer

At the moment it's only very basic but I plan to expand upon it, so stay tuned for updates but until then have a look:- Basic fuzzer

New vectors

I thought I'd better save it as a text file in case they execute on any rss aggregators:- Demo

Back to articles