Link to public beta of XSSDetect cross-site scripting code analysis plug-in for Visual Studio 2005

I ran across a few interesting posts on the Application Consulting and Engineering (ACE) team's blog that I wanted to link to here so that more folks will hopefully see them.  The ACE team announced a public beta this past week for a tool created by their team named XSSDetect.  This tool is a Visual Studio plug-in that does static code analysis to detect potential cross-site scripting (XSS) issues in web applications.

Here are some useful links about the XSSDetect tool and cross-site scripting:

• Blog post announcing the XSSDetect beta - https://blogs.msdn.com/ace_team/archive/2007/10/22/xssdetect-public-beta-now-available.aspx
• XSSDetect beta download location - https://www.microsoft.com/downloads/details.aspx?FamilyID=19a9e348-bdb9-45b3-a1b7-44ccdcb7cfbe&displaylang=en
• Details about how XSSDetect does dataflow analysis - https://blogs.msdn.com/hackers/archive/2007/10/23/some-technical-details-on-how-xssdetect-does-dataflow-analysis.aspx
• Using XSSDetect to analyze large applications - https://blogs.msdn.com/ace_team/archive/2007/10/24/xssdetect-analyzing-large-applications.aspx
• MSDN topic about the anti-cross site scripting library - https://msdn2.microsoft.com/en-us/security/aa973814.aspx

If you are building or testing web applications, I encourage you to check out the XSSDetect tool and the information in the above links to see if it might be useful in your development and testing processes.

Comments

• Anonymous
  October 28, 2007
  PingBack from http://msdnrss.thecoderblogs.com/2007/10/28/link-to-public-beta-of-xssdetect-cross-site-scripting-code-analysis-plug-in-for-visual-studio-2005/

• Anonymous
  October 28, 2007
  PingBack from http://hyiplive.org/link-to-public-beta-of-xssdetect-cross-site-scripting-code