Security/Meetings/Automation/2013-11-19
From MozillaWiki
< Security | Meetings | Automation
Agenda
- we really need to find a time that works for all...
Status Updates
- freddyb
- makes escape-artist work with handling binary data & innerHTML properly (requires php now)
- psiinon
- has been preparing for a talk at appsec USA.
- has got basic DOM XSS fuzzing happening in ZAP. It's kinda crusty (in mgoodwin's opinion) but that's mostly mgoodwin's fault.
- mgoodwin
- Did a crappy XSS bug oracle in the PnH probe.
- Helped diagnose some bugs in psiinon's code.
- Did a little work on ringleader impls. of what psiinon has got working with the content probe
- Has mostly been working on secreviews this week
- ulfr
- No recent work on MIG. Worked on Risk Assessment for Mozilla. Goal is to have standard risk levels that we can use in other tools as well.
- stefan
- dchan
- N/A I actually made it to the meeting