XSS Tunnelling & XSS Shell Tunnelling HTTP traffic through XSS Channels What Is XSS Tunnelling? What Is XSS Tunnel? XSS Tunnelling Paper: http://www.portcullis-security.com/uplds/whitepapers/XSSTunnelling.pdf XSS Tunnel and XSS Shell (includes source codes and binaries) http://www.portcullis-security.com/tools/free/xssshell-xsstunnell.zip XSS Tunnelling Video Dimonstration: http://ferruh.mavituna.com/blogs/xsstunnelling-video.zip ------------------------------------------------------------------------------------------------------ XSS Shell XSS Shell - Backdooring The Web Other features: * Keylogger * Mouse Logger (click points + current DOM) Built-in Commands: * Get Keylogger Data * Get Current Page (Current rendered DOM / like screenshot) * Get Cookie * Execute supplied javaScript (eval) * Get Clipboard (IE only) * Get internal IP address (Firefox + JVM only) * Check victim's visited URL history * DDoS * Force to Crash victim's browser Download: XSS Shell: http://www.portcullis-security.com/tools/free/XSSShell039.zip XSS Shell Installation (video) : http://ferruh.mavituna.com/makale/xss-shell-install-video/ XSS Shell Video Dimonstration: http://ferruh.mavituna.com/xssshell/demo/ That's all ppl,but for more info and update go to visit: http://www.portcullis-security.com/1.php