Re: Testing a web app with heavy JS use

From: Rogan Dawes (discard@dawes.za.net)
Date: Mon Sep 13 2004 - 07:57:16 EDT

• Next message: Ferino Mardo: "RE: virus product pentest"
• Previous message: GMHoward: "Re: Problem with Hacme Bank Install"
• In reply to: tblinux@covad.net: "Testing a web app with heavy JS use"
• Next in thread: Ben Timby: "Re: Testing a web app with heavy JS use"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Use a proxy based pen-test tool such as WebScarab, Achilles, SpikeProxy,
Paros, Snark . . . .

Rogan

tblinux@covad.net wrote:

> Anybody know of a good way to strip or catch and manipulate input to a web app
> that uses JS to do error checking AND specify the input target address? ...oh
> and the "submit button" is JS driven too...
>
> Other than hand editing 30 screens of JS code?
>
>
> ------------------------------------------------------------------------------
> Ethical Hacking at the InfoSec Institute. All of our class sizes are
> guaranteed to be 12 students or less to facilitate one-on-one interaction
> with one of our expert instructors. Check out our Advanced Hacking course,
> learn to write exploits and attack security infrastructure. Attend a course
> taught by an expert instructor with years of in-the-field pen testing
> experience in our state of the art hacking lab. Master the skills of an
> Ethical Hacker to better assess the security of your organization.
>
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> -------------------------------------------------------------------------------
>
>

-- 
Rogan Dawes
*ALL* messages to discard@dawes.za.net will be dropped, and added
to my blacklist. Please respond to "lists AT dawes DOT za DOT net"
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------

• Next message: Ferino Mardo: "RE: virus product pentest"
• Previous message: GMHoward: "Re: Problem with Hacme Bank Install"
• In reply to: tblinux@covad.net: "Testing a web app with heavy JS use"
• Next in thread: Ben Timby: "Re: Testing a web app with heavy JS use"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:05 EDT