At the recent Sector.ca conference in Toronto there was a talk given by Nish Bhalla and Rohit Sethi. I didn’t have a chance to see it myself. The talk, entitled “Exploit-Me Series – Free Firefox Application Penetration Testing Suite Launch” surrounded a couple of plugins for the Firefox browser for testing cross site scripting (XSS) ans SQL injection.
Here are the links for the downloads:
- XSS-Me is the Exploit-Me tool used to test for reflected Cross-Site Scripting (XSS) vulnerabilities.
- SQL Inject-Me is the Exploit-Me tool used to test for SQL Injection vulnerabilities.
I should also add that I have not had a chance to review these yet myself. Caveat emptor.
[tags]ExploitMe, Firefox Hacking Plugins, Firefox Add-ons, XSS, SQL Injection[/tags]