
osCommerce

The e-commerce.

Free Cross-Site Scripting (XSS) Scanner


php_Guy


I ran across this today at http://www.acunetix.com/

They make a very expensive vulnerability scanner that may well be worth the price for a large production site.

They also have a FREE version that scans for just XSS vulnerabilities.

I tried it just to see how it worked and it said that my store was protected against XSS attack BUT it found a vulnerability in a whois script I forgot I even wrote that was located on my main site. A quick addition of htmlentities() around a couple of POST variables and the program verified that the vulnerability was corrected.

I wish I had the money to spare for the full version ($1500 for a single site, $3500 for developers/designers).

But the FREE version is well worth the time to download!

If anyone knows of similar FREE scanners that detect other sorts of vulnerabilities, PLEASE post links here.

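The fix described in the first post, as an added example that is not part of the original thread or the poster's script: a hypothetical whois form (the field names `domain` and `note` and the probe strings are constructed) that echoes POST data before and after `htmlentities()`. The flags are passed explicitly because a bare `htmlentities()` call on PHP before 8.1 does not encode single quotes.

```php
<?php
// Added example: a hypothetical whois lookup form, not the poster's script.
// $_POST is filled with constructed values so the file runs from the CLI.
$_POST = [
    'domain' => "example.com' onfocus='alert(1)",  // constructed probe for a single-quoted attribute
    'note'   => '<script>alert(1)</script>',       // constructed probe for element content
];

// BEFORE: request data is written into the page unencoded.
function render_vulnerable(array $post): string
{
    return "<input name='domain' value='" . $post['domain'] . "'>\n"
         . "<p>Results for " . $post['note'] . "</p>\n";
}

// AFTER: encode at output time. Flags and charset are explicit because
// htmlentities() defaulted to ENT_COMPAT before PHP 8.1, which leaves ' intact.
function e(string $value): string
{
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_fixed(array $post): string
{
    return "<input name='domain' value='" . e($post['domain']) . "'>\n"
         . "<p>Results for " . e($post['note']) . "</p>\n";
}

// What a bare htmlentities() call did on PHP < 8.1 (ENT_COMPAT | ENT_HTML401).
function render_compat_only(array $post): string
{
    return "<input name='domain' value='"
         . htmlentities($post['domain'], ENT_COMPAT | ENT_HTML401, 'UTF-8') . "'>\n";
}

echo "--- vulnerable ---\n", render_vulnerable($_POST);
echo "--- ENT_COMPAT only ---\n", render_compat_only($_POST);
echo "--- fixed ---\n", render_fixed($_POST);

// Under ENT_COMPAT the single-quoted attribute can still be closed early ...
assert(strpos(render_compat_only($_POST), "' onfocus='") !== false);
// ... and the value stays inside the attribute once ENT_QUOTES is set.
assert(strpos(render_fixed($_POST), "' onfocus='") === false);
assert(strpos(render_fixed($_POST), '<script>') === false);
```

A rescan that comes back clean after wrapping the variables only covers the contexts the scanner probed; values written into single-quoted attributes need the `ENT_QUOTES` form shown in `e()`.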

  • 8 months later...

Yes I ran this program today and it confirmed a possible XSS vulnerability with advanced_search_result.php

If I had a free $1200 I'd buy the full version of the program which tests for much more than just XSS.


  • 1 month later...

I have access to the full version of the software thru a web designer friend and I scanned my site.

It found many types of vulnerabilities for my site.

My friend is way too busy to help me fix them, so I'd like to ask someone here for help fixing them.

In return I can use the software to scan their site and let them know if there are problems so they can fix them. The software seems to do very extensive tests for long hours.

If someone is interested please let me know via PM and I will tell you what problems I have and you can tell me what to scan.

OSC beginner


Archived

This topic is now archived and is closed to further replies.
