| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Nov 2008 23:17:09 +0530
From: "Mike C" <mike.cartall@...il.com>
To: "pst axis" <axis@...nt0m.org>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Anehta0.6.0 -- a new XSS Attack Platform!
2008/11/25 pst axis <axis@...nt0m.org>
> Anehta is an open source XSS Attack Platform which is maintained by
> axis@...nt0m.org
>
>
>
> Project Home: http://anehta.googlecode.com
>
> Demo Video:
> http://hi.baidu.com/aullik5/blog/item/cb4cd5899283b093a4c272a9.html
>
> Online Demo: http://www.secwiki.com/anehta
>
> Download: http://anehta.googlecode.com/files/anehta-v0.6.0fixed.zip
>
>
>
> It contains a javascript framework called anehta.js which is something like
> "attackAPI" to help hackers write XSS payloads easier, and more than that
> ,there is an administrative panel which implemented by PHP to help manage
> the clients.
>
>
>
> Many good ideas are included in anehta project, some of the ideas you might
> never seen before.
>
> You can really maximize your profits gained from XSS by lauching anehta.
>
> I'm not sure you should word it that way. While full-disclosure is the best
way to security utopia, touting a tool for it's malicious use will only
serve to provide fodder to those who are opposed to full-disclosure.
HD Moore has handled this well with his framework.
--
MC
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists