Elias Athanasopoulos elias.athanasopoulos at gmail.com
Thu May 12 05:39:34 EDT 2011


I have created a Google Chrome extension for detecting HPP vulnerabilities
purely at the client-side. The idea is to use jQuery for parsing all
hyperlinks and HTML forms that may include the same parameter multiple
times. HPP Finder marks all suspicious hyperlinks and forms in a dashed
frame and reports all of them in a pop-up, which is triggered upon clicking
on the extension's icon.

HPP Finder is not a complete solution for HPP attacks. It can only spot
hyperlinks and forms that include parameters that mask one each other. It is
also still in a very beta stage, since it's my first Chrome extension. You
can find a demo page at:


Any comments and suggestions are welcome.


I bet the human brain is a kludge.  --Marvin Minsky
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20110512/54604e26/attachment-0003.html>

More information about the websecurity mailing list