allways the same problem with browser based attacks ... you have to setup a huge number of testsystems to check all the different IE and/or FF versions.
The following installers give you the possibility to use some different versions on the same hostsystem:
- Final Builds Site - Edskes Software Mozilla Firefox Collection
You can find a few snapshots on my blog ... Browser Collection for Client Side Attacks | www.s3cur1ty.de
Last edited by m-1-k-3; 02-02-2010 at 11:47 AM. Reason: fixed link
This is awesome! Thanks for sharing the info m-1-k-3! I too was wondering how to test on older browsers, now I'm all set. Nice!
We looked into this @ my company as our deliverables are web based, and we actually ended up with an external tool that does all sorts of compatibility checks etc. For specific vulnerability identification though collection is a pretty good approach, though it has some quirks if i remember (some stuff doesnt work quite right).
I believe its called litmus app - rather useful tool actually.