[WEB SECURITY] xss filter to protect from xss attacks
Anurag Agarwal
anurag.agarwal at yahoo.com
Tue Jan 23 02:18:34 EST 2007
I have created a xss filter to protect from xss attacks. Though i have filtered only for 8 characters but i was able to test against all the attacks mentioned in the RSnake's cheat sheet. Appscan was not able to detect any xss attacks on it. I request the application security community to help test this filter. 90% i am sure that you wont be able to perform any xss attack on it, the rest 10% i will find out after the feedback from the community. For the curious mind, it is written in java
In case if you are successful in performing xss attack, please do reply to this email with your name, browser and the xss attack string.
url - http://www.attacklabs.com/xssfilter/
I appreciate your time and effort. Thanks a lot in advance
Cheers,
Anurag Agarwal
SEEC - An application security search engine
Web: www.attacklabs.com , www.myappsecurity.com
Email : anurag.agarwal at yahoo.com
Blog : http://myappsecurity.blogspot.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20070122/6883dd02/attachment.html>
More information about the websecurity
mailing list