Dom XSS Scanner is History

I decided to turn off the Dom XSS Scanner online tool to reduce my hosting bills. The archived git repo can still be accessed. Below you find a list of resourced for further research about DOM based XSS and online security in general.

Articles and Resources about DOM based XSS attacks

English Articles and Resources

• Dom XSS Test Cases Wiki
• OWASP: DOM Based XSS
• Testing for DOM-based Cross site scripting (OWASP-DV-003)
• DOM based XSS Prevention Cheat Sheet
• DOM Based Cross Site Scripting or XSS of the Third Kind
• A Twitter DomXss, a wrong fix and something more
• Multiple DOM-Based XSS in Dojo Toolkit SDK
• Wikipedia: Cross-site scripting

Deutsche Artikel und Ressourcen

• Sicherheit von Webanwendungen
• Wikipedia: Cross-Site Scripting

Free Web Security Tools

Security Tools for the Desktop

• Arachni Web Application Security Scanner Framework
• JBroFuzz web application fuzzer
• GNU Privacy Guard - GnuPG.org
• Metasploit Penetration Testing Software
• Nikto Open Source web server scanner
• Paros web application security assessment
• Prey - Track down your stolen laptop
• skipfish web application security scanner
• w3af Web Application Attack and Audit Framework
• Wapiti Web application security auditor
• WebScarab security testing on web applications and web services
• Websecurify | Web Application Security Scanner and Manual Penetration Testing Tool
• wfuzz - Web application bruteforcer

Web based Security Tools

• Netcraft What's That Site Running Results
• Web Scanner Test Site

Security Firefox Add-ons

• NoScript run executable code only from trusted domains
• Firesheep

Security Chrome Extensions

• Click&Clean Delete your browsing history

Other Security Tools Lists

• 10 Best Hacking and Security Software Tools for Linux
• 10 (More) Hacking and Security Software Tools for Linux
• Fedora Security Lab distribution package list
• Password Cracker Tools
• Phoenix/Tools - OWASP
• Web Vulnerability Scanner Tools

IT Security Guides, Tutorials, Data Bases, and Sites

Security Guides and Tutorials

• OWASP Development Guide
• OWASP Secure Coding Practices Quick Reference Guide
• Google Code University Web Security Course
• Web Application Exploits and Defenses
• The World Wide Web Security FAQ
• Browser Security Handbook
• html5security - HTML5 Security Cheatsheet
• Website Security for Webmasters at Google Webmaster Central
• Common Security Mistakes in Web Applications - Smashing Magazine
• CWE - 2010 CWE/SANS Top 25 Most Dangerous Programming Errors
• Anonymous Internet browsing using Ubuntu 9.10, Tor and Firefox | Short IT recipes
• 20 Linux Server Hardening Security Tips
• PHPIDS Web Application Security 2.0
• Blocking Unwanted Parasites with a Hosts File

Security News and Information

• Exploits Database by Offensive Security
• Fortinet FortiGuard Blog
• Google Online Security Blog
• Naked Security | News. Opinion. Advice. Research
• Malware Intelligence Blog. A division of MalwareIntelligence
• McAfee Labs | Blog Central
• Schneier on Security
• Security | ITworld
• Security Blogs Security Response | Symantec Connect Community
• SecurityFocus Vulnerabilities Search
• Wired Threat Level

Security Books

• BackTrack 5 Wireless Penetration Testing Beginner's Guide
• Ghost in the Wires: My Adventures As the World's Most Wanted Hacker
• HACKING EXPOSED WEB APPLICATIONS, 3rd Edition
• Hacking Web Apps: Detecting and Preventing Web Application Security Problems
• Metasploit: The Penetration Tester's Guide
• Seven Deadliest Web Application Attacks (Seven Deadliest Attacks)
• Social Engineering: The Art of Human Hacking
• The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy (Syngress Basics Series)
• The Basics of Web Hacking: Tools and Techniques to Attack the Web
• The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
• Web Application Security, A Beginner's Guide
• Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast