Are there cross-platform tools to write XSS attacks directly to the database?

Posted by Joachim Sauer on Stack Overflow See other posts from Stack Overflow or by Joachim Sauer
Published on 2010-03-16T10:19:55Z Indexed on 2010/03/24 9:33 UTC
Read the original article Hit count: 302

Filed under:
|
|

I've recently found this blog entry on a tool that writes XSS attacks directly to the database. It looks like a terribly good way to scan an application for weaknesses in my applications.

I've tried to run it on Mono, since my development platform is Linux. Unfortunately it crashes with a System.ArgumentNullException deep inside Microsoft.Practices.EnterpriseLibrary and I seem to be unable to find sufficient information about the software (it seems to be a single-shot project, with no homepage and no further development).

Is anyone aware of a similar tool? Preferably it should be:

  • cross-platform (Java, Python, .NET/Mono, even cross-platform C is ok)
  • open source (I really like being able to audit my security tools)
  • able to talk to a wide range of DB products (the big ones are most important: MySQL, Oracle, SQL Server, ...)

© Stack Overflow or respective owner

Related posts about xss

Related posts about security-testing