Sleepy Puppy Open Source the Netflix tool for XSS vulnerabilities

Netflix has developed and distributes free of charge for anyone interested, a cross-site scripting (XSS) vulnerability tool.Netflix Sleepy Puppy Open Source

The Sleeping Puppy tool contains Netflix-developed security tools. The tools include the Fully Integrated Defense Automated Incident Response Platform, the Dirty Laundry blabbing staff monitor, and the Scumblr, Sketchy, and Workflowable hack monitors.

The developers of Netflix, Scott Behrens (helloarbit) and Patrick Kelley (monkeysecurity) have created Sleeping Puppy with a payload that can help admins to detect cross-site scripting (XSS) vulnerabilities in their web applications.

"Often, when checking for client side injections (such as HTML and JavaScript), security technicians look for where to inject through their application and try," say the researchers.

"While this provides fairly good coverage for the scope of the application, there is a case for attackers to inject and reflect from a completely separate application."

Administrators can check with Sleepy Puppy data such as URLs, referrers, cookies, user agents, Document Object Models, and screenshots.

The platform works with the Docker, and is extremely flexible, allowing users to implement their own payloads and tracking tools.

It can also be connected to Burp suite or ZAR suite using APIs.

See all Netflix tools in GitHub.
You can download Sleepy Puppy from here.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.098 registrants.

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).