XAB - Cross Site Scripting Anonymous Browser

Cross Site Scripting Anonymous Browser (XAB) leverages sites vulnerable to XSS and client browsers to build a network of drones. It does not replace the current anonymous browsing proxies, but provides an alternative that does not require willing participants. XAB is released as a proof of concept and as a jumping point for further research in the area of Cross Site Scripting in 2009.

The tool and research behind it was presented at Blackhat and DEF CON in 2009 by Jeff Yestrumskas and Matt Flick.

xabattacker.pl

The meat of XAB

httproxab.pl

Modified version of Takaki Makino's Simple HTTP Proxy

cdproxy.pl

Modified version of cross domain proxy by Bart Van der Donck. This solves the same-origin problem within browsers. However, now that CORS is a thing, a cross domain proxy may not be needed in all cases.

Author

Jeff Yestrumskas, Matt Flick

LICENSE

GPL v3

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
README.md		README.md
cdproxy.pl		cdproxy.pl
httproxab.pl		httproxab.pl
xabattacker.pl		xabattacker.pl

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

XAB - Cross Site Scripting Anonymous Browser

xabattacker.pl

httproxab.pl

cdproxy.pl

Author

LICENSE

About

Uh oh!

Releases

Packages

Languages

fyrm/xab

Folders and files

Latest commit

History

Repository files navigation

XAB - Cross Site Scripting Anonymous Browser

xabattacker.pl

httproxab.pl

cdproxy.pl

Author

LICENSE

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages