Hacking Web 2.0 Applications with Firefox

AJAX and interactive web services form the backbone
of “web 2.0” applications. This technological transformation brings
about new challenges for security professionals.

This article looks at some of the methods, tools and tricks to dissect
web 2.0 applications (including Ajax) and discover security holes using
Firefox and its plugins. The key learning objectives of this article
are to understand the:

  • web 2.0 application architecture and its security concerns.
  • hacking challenges such as discovering hidden calls, crawling issues, and Ajax side logic discovery.
  • discovery of XHR calls with the Firebug tool.
  • simulation of browser event automation with the Chickenfoot plugin.
  • debugging of applications from a security standpoint, using the Firebug debugger.
  • methodical approach to vulnerability detection.

I guess it's Ajax hacking day.  This article comes from Security Focus.

Advertisements

Author: Xavier Ashe

Entrepreneur, Infosec Executive, CISSP, CISM, Ironman triathlete, traveler, UU, paleo, father of 8, goyishe, gamer, & geek. http://linkedin.com/in/xavierashe

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s