Hi all readers=2C

Just releasing a very small tool I wrote called Durzosploit.

Durzosploit is a javascript exploits generator framework that works through the console. This goal of that project is to quickly and
easily generate working exploits for cross-site scripting vulnerabilities in popular web applications or web sites.

Please note that Durzosploit does not find browser vulnerabilities=2C it only is an framework containing exploits you can use.

More info can be found here: http://engineeringforfun.com/wiki/index.php/Durzosploit_Introduction 
You can get it through the SVN: http://engineeringforfun.com/wiki/index.php/Durzosploit_SVN 

At present there isn't many exploits:
(dz)> search exploits
twitter.com/update_status               -       Updates a target's status
twitter.com/update_settings             -       Updates your target's settings
facebook.com/what_is_on_your_mind       -       Write your message in your target's mind
drupal/edit_user_profile                -       Drupal 6.x - edit the profile of the user
drupal/logout                           -       Drupal 6.x - makes target logout
(dz)>

My focus has been on the framework itself=3B allowing people to quickly write their exploits and adding some automated obfuscators (Deanedwards is in there).

I'll also use that email as a chance to give a quick update on Browser Rider. I am currently working on its API=2C a ruby client and a small firefox extension. I think Durzosploit will be a good addition to all of that.

Please email to benjilenoob(_at_)gmail.com if you have any questions=2C issues=2C bugs=2C ideas=2C contributions. I'll be happy to answer you ASAP.

have fun!

Benjilenoob

_________________________________________________________________
T=E9l=E9phonez gratuitement =E0 tous vos proches avec Windows Live Messenger=A0 !=A0 T=E9l=E9chargez-le maintenant !
http://www.windowslive.fr/messenger/1.asp