Difference between revisions of "Projects/OWASP X5s Project/Releases/x5s v1.0.1"

From OWASP
Jump to: navigation, search
(Created page with '{{Template: <includeonly>{{{1}}}</includeonly><noinclude>Release About</noinclude> | project_name = OWASP X5s Project | project_home_page = OWASP Fiddler Addons for Security Test…')
 
Line 19: Line 19:
 
| leader_username1 = Chrisweber  
 
| leader_username1 = Chrisweber  
  
| release_notes =
+
| release_notes = http://www.owasp.org/index.php/Projects/OWASP_X5s_Project/Releases/x5s_v1.0.1/Notes
 
}}
 
}}

Revision as of 12:32, 13 October 2010

back to project home page

what is this release?
x5s v1.0.1 - 06/05/2010 - (download)
Release Description: x5s was first and foremost designed to find encoding and character transformation issues that can lead to XSS vulnerability, and present them in a visual way where they could be reviewed with a quickness. Many tools exist for testing Web-applications to find cross-site scripting bugs. There are browser plugins, Web-scanners, and static code analyzers. We use whatever suits us in a given situation and produces the output we're interested in receiving. We developed x5s for penetration testers and other security-minded persons who already know how to find and exploit an XSS vulnerability. The tool has a slightly different bent than other tools we've used.

It's main goals include:

  • Automate finding the encoding issues that can lead to XSS.
  • Identify where character transformations occur by injecting multibyte characters such as higher Unicode code points and non-shortest form character encodings.
Release License: New BSD
who worked on this release?
Release Leader(s):
how can you learn more?
Release Notes: View
Release Rating: Yellow button.JPG Not Reviewed - Assessment Details
Key Contacts
  • Contact the GPC to report a problem or concern about this release info or to update information.