Call: +44 (0)7759 277220 Call
Blog

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Frank talks about Bruce Schneier's book "secrets and lies""] [Next entry: "Ed informs us that 10gR2 should be out this month"]

An excellent XSS cheatsheet



Damon P Cortesi emailed me over a week ago to tell me about the sysinternals website - i mentioned this in my post Another great Windows internals site. Damon also mentioned in a further email to me that he has a blog of his own that does include a small number of security related posts. I found one very good one titled http://dcortesi.com/2005/03/17/xss-cheatsheet - (broken link) XSS Cheatsheet - this post is short and sweet and links to a superb paper called "XSS cheatsheet - Esp: for filter evasion". This is a paper not for people who want to know what XSS (Cross Site Scripting) is but instead it is a superb list of possible tricks and hacks to try in XSS type attacks.