Shreeraj Shah has published an article at SecurityFocus.
AJAX and interactive web services form the backbone of "web 2.0" applications. This technological transformation brings about new challenges for security professionals.
This article looks at some of the methods, tools and tricks to dissect web 2.0 applications (including Ajax) and discover security holes using Firefox and its plugins. The key learning objectives of this article are to understand the:
=> web 2.0 application architecture and its security concerns.
=> hacking challenges such as discovering hidden calls, crawling issues, and Ajax side logic discovery.
=> discovery of XHR calls with the Firebug tool.
=> simulation of browser event automation with the Chickenfoot plugin.
=> debugging of applications from a security standpoint, using the Firebug debugger.
=> methodical approach to vulnerability detection.
Read more at SecurityFocus...
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- My 10 UNIX Command Line Mistakes
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
Facebook it - Tweet it - Print it -
We're here to help you make the most of sysadmin work. So, subscribe!
