| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Nov 2008 19:15:13 +0000 From: n3td3v <xploitable@...il.com> To: "James Matthews" <nytrokiss@...il.com>, full-disclosure@...ts.grok.org.uk Subject: Re: Anehta0.6.0 -- a new XSS Attack Platform! An attack platform is an attack platform, there is no "take a page out of hd moore's book" to make it look legal. His way isn't any more legal than this guys way, thats what you guys seem to be crossing your wires about. On Wed, Nov 26, 2008 at 6:15 PM, James Matthews <nytrokiss@...il.com> wrote: > I applaud the new tool however in reference on to what Mike said take a page > out of HD Moore's book and make it something to "help" the community. > > On Wed, Nov 26, 2008 at 7:47 PM, Mike C <mike.cartall@...il.com> wrote: >> >> >> 2008/11/25 pst axis <axis@...nt0m.org> >>> >>> Anehta is an open source XSS Attack Platform which is maintained by >>> axis@...nt0m.org >>> >>> >>> >>> Project Home: http://anehta.googlecode.com >>> >>> Demo Video: >>> http://hi.baidu.com/aullik5/blog/item/cb4cd5899283b093a4c272a9.html >>> >>> Online Demo: http://www.secwiki.com/anehta >>> >>> Download: http://anehta.googlecode.com/files/anehta-v0.6.0fixed.zip >>> >>> >>> >>> It contains a javascript framework called anehta.js which is something >>> like "attackAPI" to help hackers write XSS payloads easier, and more than >>> that ,there is an administrative panel which implemented by PHP to help >>> manage the clients. >>> >>> >>> >>> Many good ideas are included in anehta project, some of the ideas you >>> might never seen before. >>> >>> You can really maximize your profits gained from XSS by lauching anehta. >> >> I'm not sure you should word it that way. While full-disclosure is the >> best way to security utopia, touting a tool for it's malicious use will only >> serve to provide fodder to those who are opposed to full-disclosure. >> >> HD Moore has handled this well with his framework. >> >> -- >> MC >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ > > > > -- > > http://www.goldwatches.com/ > > http://www.jewelerslounge.com/liberty-coin-cufflinks > > http://www.astorandblack.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists