Evading .NET and Browser XSS Protection with Attribute Based XSS

.NET applications offer good protection against basic reflected XSS vectors. Since .NET 1.1, ValidateRequest has been examining client supplied input for "supicious" characters, and throwing a helpful error message if such characters are found within a GET or POST request.

Update to XSS-Harvest

Minor update, with improved redress functionality (thanks to @Openwatch), and a check to see whether the script has already been loaded (prevents duplicate keystrokes if the infection string is echoed more than once by the vulnerable application).

Download the new version from Cyberis' github repository here.

Read about XSS-Harvest here... http://blog.cyberis.co.uk/2011/07/harvesting-cross-site-scripting-xss.html

Harvesting Cross Site Scripting (XSS) Victims - Clicks, Keystrokes and Cookies

A couple of years ago I was inspired by @fmavituna's work on XSS Shell and decided to write a new extended version (XSS-Shell-NG) using a PHP and a MySQL backend rather than the ASP/Access combination of the original. I never released the tool publicly, as my main aim of making XSS Shell easier to use was never really accomplished; it still required a significant amount of set up to get it working. However, one thing that both tools did well once working was to demonstrate the real business impact of cross-site scripting.