Friday, February 09, 2007

XSSed.com - XSS Archive w/ Mirror

One thing that I've thought web app sec was missing that network sec had was a defacement/attack archive w/ mirror, especially after Acunetix decided to pretend that the flaws that had been found and posted on sla.ckers.org had never existed, something like Zone-h, but for XSS exploits.

Well, today I found a site called XSSed.com which contains an XSS attack archive, with a mirror, which greatly resembles zone-h, but that can only be good since no-one has to figure out a new interface.

Personally I think we should give them our support, because without any way to verify vulnerability claims vendors will still be able to sweep things under the rug, and lie their way though everything. And an unbiased 3rd party is probably a great way to do so.

No comments: