tag:blogger.com,1999:blog-2410549130005981530.post5616577251678066425..comments2023-10-25T05:05:04.859-05:00Comments on Confessions of a Penetration Tester: Cross Site TracingUnknownnoreply@blogger.comBlogger5125tag:blogger.com,1999:blog-2410549130005981530.post-63227138143105071542012-01-18T10:16:06.986-06:002012-01-18T10:16:06.986-06:00interesting.........i totally agree with your post...interesting.........i totally agree with your postashish kulkarnihttp://confessions.co.innoreply@blogger.comtag:blogger.com,1999:blog-2410549130005981530.post-19884952155749419832012-01-02T22:55:12.029-06:002012-01-02T22:55:12.029-06:00Thanks.. It helped..!! :)Thanks.. It helped..!! :)Ashutosh Jainnoreply@blogger.comtag:blogger.com,1999:blog-2410549130005981530.post-7932781287721965212010-07-30T06:34:32.335-05:002010-07-30T06:34:32.335-05:00Very interesting post I have found, its good to re...Very interesting post I have found, its good to read about confessions of a penetration tester. Thanks for sharing.Wireless penetration testinghttp://www.offensive-security.com/online-information-security-training/noreply@blogger.comtag:blogger.com,1999:blog-2410549130005981530.post-30018388892399235642009-05-11T09:41:00.000-05:002009-05-11T09:41:00.000-05:00I just found your blog and it looks really good, t...I just found your blog and it looks really good, thanks for that.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-2410549130005981530.post-51062852233091792512008-04-28T08:18:00.000-05:002008-04-28T08:18:00.000-05:00I agree with you.I tried to prove to obtain authen...I agree with you.<BR/><BR/>I tried to prove to obtain authentication parameters like basic auth using java sockets but i didn´t get it. I made a proof of concept using apache and one xss and TRACE vulnerable web.<BR/><BR/>I can see the server logs and the TRACE request is in there but nothing else. No authentication parameters anyway.<BR/><BR/>XST is not so dangerous i believe.Rafa Sánchezhttps://www.blogger.com/profile/09129204236166177968noreply@blogger.com