forked from SpiderLabs/deface
kamcpp/deface
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
deface dbyrne@trustwave.com rsulatycki@trustwave.com http://www.trustwave.com/spiderlabs INTRODUCTION ============ DefaceTool is an open-source Java Server Faces(JSF) testing tool for decoding view state and creating view state attack vectors. The tool can be used to create XSS attacks and session and application scope attacks against Apache MyFaces 1.2.8 applications. The tool has been architected to be extensible and can be modified to support other versions of Apache MyFaces and Sun Mojarra. USAGE ===== DefaceTool is a Java application. Once built, launch the resulting "defacetool.jar" file using Java. java -jar defacetool.jar COPYRIGHT ========= DefaceTool- A web application security testing tool Created by David Byrne and Rohini Sulatycki Copyright (C) 2010 Trustwave Holdings, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>
About
A Java Server Faces (JSF) testing tool for decoding view state and creating view state attack vectors.
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published