Six hundred and sixty six XSS vectors, suitable for attacking an API

by Bill Sempf 16. May 2013 15:54

So I need to attack an API. None of the XSS tools do it well - not Burp, not xsser, not Xenotix. All of the XSS vectors are packed away in Perl or Ruby or Python, or in articles. So I made my own data file.

Honestly, I didn't tweak the number, that what it came out to when I was done.

Anyway, here it is, ready for your File.ReadLine pleasure:

http://pastebin.com/48WdZR6L

Please use it responsibly.

S

Tags:

E-Mail | Kick it! | DZone it! | del.icio.us
Permalink | Comments (2)

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

Find me on Mastodon

PageList

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList

TagCloud

Mastodon