Friday, January 21, 2011
XSS Rays - Google Chrome Browser Extensions
Complete XSS reversing/scanner tool. Find how a site is filtering code, check for injections and inspect objects.
XSS is a security tool to help pen test large web sites. It's core features include a XSS scanner, XSS Reverser and object inspection. Need to know how a certain page filters output? Don't have the source? No problem. XSS Rays will blackbox reverse a XSS filter without needing the source code.
You can also extract/view and edit forms non-destructively that normally can't be edited. For example if you want to modify the value of a checkbox without changing it's type XSS Rays can link to the object and allow you to change the value without altering the original object.
Using the object inspector you can browse through the window object and edit the contents of the functions in real time allowing you to dissect a web page and understand more how it works. This also works with globally defined functions, you can see which functions the developer has decided to place within the window object.
More info: http://www.thespanner.co.uk
thanks to Gareth Heyes for the great work !