Friday, 20 July 2007
Google Lemon to Find Cross-site Scripting Vulnerabilities
|
| |
Google is developing a new automatic tool for finding common web application flaws. Lemon, as the tool is still called, is still being developed, but has been used internally... |
| |
|
| |
Google is developing a new automatic tool for finding common web application flaws.
Lemon, as the tool is still called, is still being developed, but has been used internally. However it is not known whether Google will release the software commercially as there are already similar software in the market.
Lemon will use fuzzing techniques to find cross-site scripting (XSS) bugs.
Fuzzing, which is otherwise called as fault injection testing involves supplying inputs that are designed to trigger and thus expose flaws in web application. Lemon analyses the response to these inputs to unearth security flaws. |
| |
|
|
| |
|
|
| |
|
|
| |
|
