Cross Domain Ajax Sniffer - Proof of concept
http://myappsecurity.blogspot.com/2007/01/ajax-sniffer-prrof-of-concept.html
後で読む
こっちの方が面白いかも?
http://myappsecurity.blogspot.com/2007/01/breaking-same-origin-barrier-of.html
http://myappsecurity.blogspot.com/2006/11/comparison-between-appscan-vs.html
http://myappsecurity.blogspot.com/2006/11/correction-comparison-between-appscan.html