At Brucon 2012 I had the privilege to present and demo VSA, the Virtual Scripted Attacker, a tool I had been working on with a great team of very talented people for a number of months.
The talk was only 5 minutes long (a Lightning talk) so the presentation is brief.
VSA is the first fully automated DOM XSS scanner ever created, capable of finding many more bugs than any other similar tools.
The VSA Team that made this happen was:
- Dr. Ing. Mario Heiderich (XSS PhD!) <-- For all questions please ask Mario :)
- Gareth Heyes
- Abraham Aranguren
- Alfred Farrugia
- Frederik Braun
The slides can be found here:
I was interviewed about VSA, OWASP OWTF and other things at EuroTrash 32: