XSS Tunnelling Paper and XSS Tunnel Tool


Finally I released XSS Tunnelling paper and the tool about two weeks ago. It was supposed to be released in Italy OWASP 2007 but I couldn't attend because of a stupid visa problem. Thus I released and presented in Web Security Days - OWASP Turkey event.

I was playing with this idea for six months or something, finally I got  my hands dirty and code it and wrote the brief paper.

XSS Tunnelling Paper

XSS Tunnel and XSS Shell (source codes and binaries)

XSS Tunnelling Video


I've got really good reviews so far, please feel free to send your comments. In my humble opinion this is the final point of "session hijacking".

Recent Blog Posts

See all of the blog posts