首页| JavaScript| HTML/CSS| Matlab| PHP| Python| Java| C/C++/VC++| C#| ASP| 其他|
购买积分 购买会员 激活码充值

您现在的位置是:虫虫源码 > Java > 可配置的内容嗅探XSS测试床

可配置的内容嗅探XSS测试床

  • 资源大小:14.77 kB
  • 上传时间:2021-06-30
  • 下载次数:0次
  • 浏览次数:1次
  • 资源积分:1积分
  • 标      签: 测试 xss 配置 内容

资 源 简 介

WTF? MIMeGusta is a configurable content-sniffing XSS testbed. Content-sniffing XSS mainly applies to vulnerable file upload implementations, where an attacker is able to upload files with embedded client-side code such as JavaScript with the objective of XSS-ing users of the hosting domain. MITRE define this form of XSS as CAPEC-209: Cross-Site Scripting Using MIME Type Mismatch, OWASP describe it here (scroll down to the File Upload part). MIMeGusta is intended to allow security testers to explore the behaviour of browsers with particular focus upon the role of content-sniffing "cues" in determining whether JavaScript will be executed.

文 件 列 表

mimegusta
a.css
challenge1.php
challenge2.php
challenge3.php
challenge4.php
challenges.php
error.html
error2.html
index.php
jpg-header-invalid.png
jpg-header-valid.png
png-header-invalid.png
png-header-valid.png
readme.txt
saveOpenDialogue.png
validcontenttypes.txt

相 关 资 源

您 可 能 感 兴 趣 的

同 类 别 推 荐

VIP VIP