| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1305738778.7137.1399.camel@tucbook> Date: Wed, 18 May 2011 19:12:58 +0200 From: Stefano Di Paola <stefano.dipaola@...ec.it> To: Owasp webappsec <webappsec@...ts.owasp.org> Cc: WascSf <webappsec@...urityfocus.com>, Wasc <websecurity@...appsec.org>, Btq <bugtraq@...urityfocus.com> Subject: DOMinator - The DOMXss Analyzer Tool - is finally public What is DOMinator? DOMinator is a Firefox based software for analysis and identification of DOM Based Cross Site Scripting issues (DOMXss). It is the first runtime tool which can help security testers to identify DOMXss. How it works? It uses dynamic runtime tainting model on strings and can trace back taint propagation operations in order to understand if a DOMXss vulnerability is actually exploitable. ... If you're interested in it continue the reading here: http://blog.mindedsecurity.com/2011/05/dominator-project.html More whitepapers in the next days. Cheers Stefano -- ...oOOo...oOOo.... Stefano Di Paola Software & Security Engineer Owasp Italy R&D Director Web: www.wisec.it Twitter: http://twitter.com/WisecWisec ..................
Powered by blists - more mailing lists