[WEB SECURITY] HPP Finder
elias.athanasopoulos at gmail.com
Thu May 12 05:39:34 EDT 2011
I have created a Google Chrome extension for detecting HPP vulnerabilities
purely at the client-side. The idea is to use jQuery for parsing all
hyperlinks and HTML forms that may include the same parameter multiple
times. HPP Finder marks all suspicious hyperlinks and forms in a dashed
frame and reports all of them in a pop-up, which is triggered upon clicking
on the extension's icon.
HPP Finder is not a complete solution for HPP attacks. It can only spot
hyperlinks and forms that include parameters that mask one each other. It is
also still in a very beta stage, since it's my first Chrome extension. You
can find a demo page at:
Any comments and suggestions are welcome.
I bet the human brain is a kludge. --Marvin Minsky
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the websecurity