Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Google Web "Firing Range" Available - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Google Web "Firing Range" Available

Google has released a "Firing Range" for assessing various web application scanners, with what looks like a real focus on Cross Site Scripting.   The code was co-developed by Google and Politecnico di Milano

Targets include:

  •     Address DOM XSS
  •     Redirect XSS
  •     Reflected XSS
  •     Tag based XSS
  •     Escaped XSS
  •     Remote inclusion XSS
  •     DOM XSS
  •     CORS related vulnerabilities
  •     Flash Injection
  •     Mixed content
  •     Reverse ClickJacking

Source code is on github at

App Engine deploy is at

Rob VandenBrink

Rob VandenBrink

578 Posts
ISC Handler
Nov 20th 2014

Sign Up for Free or Log In to start participating in the conversation!