Jeff Yestrumskas

Last year, Matt Flick and I presented at both Blackhat DC and Defcon 17 about our Cross Site Scripting Anonymous Browser (XAB for short). XAB allows for anonymous browsing fueled by sites vulnerable to XSS. The tool/framework really had no other purpose than to finish the statement of “wouldn’t it be neat if…”.

All in all, it was a fun research project to expand and extend unintended functionality present in web browsers in an interesting way.

Here’s a link to the video of our presentation at Defcon 17: XAB Defcon presentation video

XAB can be downloaded at xab.sourceforge.net

Enjoy!

This entry was posted on Tuesday, April 20th, 2010 at 6:51 am and is filed under geek, security. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.