AttackAPI

Sat, 26 Aug 2006 02:00:47 GMT
by pdp

AttackAPI provides simple and intuitive programmable interface for composing attack vectors with JavaScript and other client and server related technologies.

AttackAPI is standard part of many public and private security related projects supported by GNUCITIZEN and other organizations. The library had many incarnations and not all of them were made public. Simply put, internally we call everything AttackAPI that relats to common set of routines useful for offensive research.

AttackAPI is open source (GPLv2) project and as such you should feel free to extend upon it. Because AttackAPI means everything and nothing at the same time, for us this project is mostly a placeholder for future work. However, you can still check SVN tags for previous work and code.

Archived Comments

Jan NovakJan Novak
i'd like to test this api
pdppdp
sure, give it a go. If you find any problems with it please post them here. Thanks.
f0rg3f0rg3
I'm really banking alot of the future of web application security on XSS, As in i'm staking my career on it. Sure BUffer overflows are still gonna exist and teh skillz are requisite but xss is the future and any hacker worth his salt should know about this. thanks Mr pdp, you are an invaluable resource/person. Big Up.
rootkidrootkid
pdp, I really like your library so far, helped me a _LOT_ developing my own stuff. At the moment I am pretty much stuck here with a problem regarding execution of an AttackApi script in an IE 6 environment. Is there anything like a chat or forum which can be used for problems like this (I'd rather do it this way than posting it to code.google.com, as I am not sure if this really is an issue or simply stupidity of me). I'd really like to see a AttackAPI community out there..:)
pdppdp
rootkid, I've created AttackAPI Google group. Feel free to post your stuff there. I would like to build community around the library too since V3 looks very promising in terms of new features. I am not sure whether I discussed this thing somewhere else, but AttackAPIv3 has features to export the most basic set of requirements for each attack payload.
zaibzaib
Where to download attackAPI package because this link http://www.gnucitizen.org/blog/attackapi/AttackAPI.zip is showing "Not Content Found" message ?
pdppdp
I know! The project has been broken for long time. I hope that it is not dead. I will put it as a HoH initiative to see if people will pick on it and expand it.
meandminemeandmine
I was wondering, since I can't download the code to help improve the code to in turn help others, why have the code up on google code? It's a simple thing to bookmark the page and plagiarize your work, no?
pdppdp
meandmine, we use google code because it is simple and it does the job.
StefanStefan
Has the attackAPI project been discontinued? I can't find anywhere to download it? Thanks!