Are there cross-platform tools to write XSS attacks directly to the database?
Posted
by Joachim Sauer
on Stack Overflow
See other posts from Stack Overflow
or by Joachim Sauer
Published on 2010-03-16T10:19:55Z
Indexed on
2010/03/24
9:33 UTC
Read the original article
Hit count: 302
I've recently found this blog entry on a tool that writes XSS attacks directly to the database. It looks like a terribly good way to scan an application for weaknesses in my applications.
I've tried to run it on Mono, since my development platform is Linux. Unfortunately it crashes with a System.ArgumentNullException
deep inside Microsoft.Practices.EnterpriseLibrary
and I seem to be unable to find sufficient information about the software (it seems to be a single-shot project, with no homepage and no further development).
Is anyone aware of a similar tool? Preferably it should be:
- cross-platform (Java, Python, .NET/Mono, even cross-platform C is ok)
- open source (I really like being able to audit my security tools)
- able to talk to a wide range of DB products (the big ones are most important: MySQL, Oracle, SQL Server, ...)
© Stack Overflow or respective owner