Google Web "Firing Range" Available

Published: 2014-11-20
Last Updated: 2014-11-20 20:03:08 UTC
by Rob VandenBrink (Version: 1)
0 comment(s)

Google has released a "Firing Range" for assessing various web application scanners, with what looks like a real focus on Cross Site Scripting.   The code was co-developed by Google and Politecnico di Milano

Targets include:

  •     Address DOM XSS
  •     Redirect XSS
  •     Reflected XSS
  •     Tag based XSS
  •     Escaped XSS
  •     Remote inclusion XSS
  •     DOM XSS
  •     CORS related vulnerabilities
  •     Flash Injection
  •     Mixed content
  •     Reverse ClickJacking

Source code is on github at

App Engine deploy is at

Rob VandenBrink

0 comment(s)


Diary Archives