lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 26 Nov 2008 20:15:57 +0200
From: "James Matthews" <nytrokiss@...il.com>
To: "Mike C" <mike.cartall@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Anehta0.6.0 -- a new XSS Attack Platform!

I applaud the new tool however in reference on to what Mike said take a page
out of HD Moore's book and make it something to "help" the community.

On Wed, Nov 26, 2008 at 7:47 PM, Mike C <mike.cartall@...il.com> wrote:

>
>
> 2008/11/25 pst axis <axis@...nt0m.org>
>
>>  Anehta is an open source XSS Attack Platform which is maintained by
>> axis@...nt0m.org
>>
>>
>>
>> Project Home: http://anehta.googlecode.com
>>
>> Demo Video:
>> http://hi.baidu.com/aullik5/blog/item/cb4cd5899283b093a4c272a9.html
>>
>> Online Demo: http://www.secwiki.com/anehta
>>
>> Download: http://anehta.googlecode.com/files/anehta-v0.6.0fixed.zip
>>
>>
>>
>> It contains a javascript framework called anehta.js which is something
>> like "attackAPI" to help hackers write XSS payloads easier, and more than
>> that ,there is an administrative panel which implemented by PHP to help
>> manage the clients.
>>
>>
>>
>> Many good ideas are included in anehta project, some of the ideas you
>> might never seen before.
>>
>> You can really maximize your profits gained from XSS by lauching anehta.
>>
> I'm not sure you should word it that way. While full-disclosure is the best
> way to security utopia, touting a tool for it's malicious use will only
> serve to provide fodder to those who are opposed to full-disclosure.
>
> HD Moore has handled this well with his framework.
>
> --
> MC
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 

http://www.goldwatches.com/

http://www.jewelerslounge.com/liberty-coin-cufflinks

http://www.astorandblack.com/

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ