Just discovered a very interesting tool from Microsoft to combat Cross Site Scripting Vulnerabilities.
The XSS Detect Code Analysis tool has been released in beta, and does static code analysis to determine potential XSS Vulnerabilities within ASP.Net applications. I ran it on my standard XSS test application and managed to detect the standard XSS mistakes. I will say this though, it is still in beta, and when I tried to run it over our real site, the tool managed to crash Visual Studio. I can't wait til it RTM's, I'll be following this tool with a lot of interest.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment