bruce wrote:
rob, i'm fully aware of the issues, and for the targeted sites that i'm focusing on, i can employ strategies to prune the tree... but the overall issue is that i'm looking for a tool/app/process that does what i've described. the basic logic is that the app needs to use a config file, and that the app should somehow find the requisite form using perhaps xpath, in combination with some kind of pattern recognition/regex functionality... once the app has the form, it can then get the underlying "stuff" (selects/lists/items, etc.. which will form the basis for the querystrings to the form action...
Don't know of anything that does this off hand but it'd be a good project for a security check app :) See what values/options the form accepts and what it fails with..
-- Postgresql & php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
