Sat, 26 Aug 2006 02:00:47 GMT
by pdp

AttackAPI provides simple and intuitive programmable interface for composing attack vectors with JavaScript and other client and server related technologies.

AttackAPI is standard part of many public and private security related projects supported by GNUCITIZEN and other organizations. The library had many incarnations and not all of them were made public. Simply put, internally we call everything AttackAPI that relats to common set of routines useful for offensive research.

AttackAPI is open source (GPLv2) project and as such you should feel free to extend upon it. Because AttackAPI means everything and nothing at the same time, for us this project is mostly a placeholder for future work. However, you can still check SVN tags for previous work and code.

Archived Comments

Jan NovakJan Novak
i'd like to test this api
sure, give it a go. If you find any problems with it please post them here. Thanks.
I'm really banking alot of the future of web application security on XSS, As in i'm staking my career on it. Sure BUffer overflows are still gonna exist and teh skillz are requisite but xss is the future and any hacker worth his salt should know about this. thanks Mr pdp, you are an invaluable resource/person. Big Up.
pdp, I really like your library so far, helped me a _LOT_ developing my own stuff. At the moment I am pretty much stuck here with a problem regarding execution of an AttackApi script in an IE 6 environment. Is there anything like a chat or forum which can be used for problems like this (I'd rather do it this way than posting it to, as I am not sure if this really is an issue or simply stupidity of me). I'd really like to see a AttackAPI community out there..:)
rootkid, I've created AttackAPI Google group. Feel free to post your stuff there. I would like to build community around the library too since V3 looks very promising in terms of new features. I am not sure whether I discussed this thing somewhere else, but AttackAPIv3 has features to export the most basic set of requirements for each attack payload.
Where to download attackAPI package because this link is showing "Not Content Found" message ?
I know! The project has been broken for long time. I hope that it is not dead. I will put it as a HoH initiative to see if people will pick on it and expand it.
I was wondering, since I can't download the code to help improve the code to in turn help others, why have the code up on google code? It's a simple thing to bookmark the page and plagiarize your work, no?
meandmine, we use google code because it is simple and it does the job.
Has the attackAPI project been discontinued? I can't find anywhere to download it? Thanks!