My Security Planet » Yet Another Infosec Blog » New Bookmarklets

Feeds

13620 items (0 unread) in 75 feeds

• Jeremy Zawodny's blog
• Mozilla Webdev
• Transcendental Technical Travails
• Ian Bicking: a blog
• Hackosis

WebSecurity

• Watchfire Application Security Insider
• BlogSecurity
• sirdarckcat
• Google Online Security Blog
• CGISecurity.com: Your Web Site and Application Security Resource
• Switch/Twitch
• mybeNi websecurity
• cat slave diary
• SecuriTeam Blogs
• Curiouser and Curiouser
• Alex's Corner
• Billy (BK) Rios
• Chris Shiflett
• christian's weblog
• funkatron.com
• GNUCITIZEN
• The Spanner
• hackademix.net
• Ruby on Rails Security Project
• It's a shampoo world anyway
• Web Security Blog
• ha.ckers.org web application security lab
• Yet Another Infosec Blog
• PHP Security Blog
• Security Thoughts
• Sunnet Beskerming Security Advisories
• Disenchant's Blog
• Sylvan von Stuppe
• Larholm.com
• The Turkey Curse
• Jeremiah Grossman
• Anurag Agarwal - Application Security Evangelist
• Ivan Ristic
• deep inside | security & tools
• omg.wtf.bbq.
• BlueHat Security Briefings
• Tactical Web Application Security
• .:Computer Defense:.

Security

• tssci security
• Plynt Penetration Testing Blog
• Michael Howard's Web Log
• Security Retentive
• BindShell.Net
• Dominic White's .tHE pRODUCT
• SecurityFocus News
• Justice League
• Schneier on Security
• Rational Survivability
• terminal23
• 1 Raindrop
• hiredhacker.com
• Matasano Chargen
• Security Vulnerability Research & Defense
• Michael on Security - Musings on Information Security
• Fortify blog
• The Art of Software Security Assessment
• GDS Security Blog
• Vodun.org
• Robert Penz Blog
• Mark Curphey - SecurityBuddha.com
• Liminal states
• Security Ripcord
• ModSecurity Blog
• IBM Internet Security Systems Frequency X Blog
• Suspekt...
• extern blog SensePost;
• Zero in a bit

SEO

• SEO BlackHat: Black Hat SEO Blog
• busin3ss.name

Tools

• Opensourcetesting.org News

Yet Another Infosec Blog

• 

  New Bookmarklets

  Posted: August 3rd, 2006, 9:43am CDT by ryan

  Tags:    [edit]

  I developed a few new web app pentesting bookmarklets this afternoon. If anyone has any requests, or bookmarklets of their own to share, please leave me a comment.
  
  Here are the new ones:
  
  Password2text: for quickly viewing whats in a password input.
  Form: '+callform+' ['+df[i].method+'] '+df[i].action+'
  ';r+='';for(j=0;j';r+='  ';r+='';r+='';r+='';}r+='

  Name	Type	Value
  '+df[i].elements[j].name+'	'+df[i].elements[j].type+'	'+df[i].elements[j].value+'

  ';}r='Report for: '+document.location.href+'
  
  '+r;var w=window.open('', 'w', '');w.document.open();w.document.write(r);w.document.close();">Form Report: Detailed report of all forms on the current page.
  
  Here is a running list of all my security marklets so far:
  
  modcookie: For on-the-fly cookie modification.
  methodToggle: for toggling the method of a form, to test method strictness
  noMax: removes the maxlength property of text inputs.
  hidden2text: displays hidden inputs.
  
  I'll be looking forward to requests, and other security marklets from all of you ;)