« New Version 1.1 of AJAX-Powered dhtmlxGrid Comes Out | Main | AJAX: Creating Web Pages with Asynchronous JavaScript and XML »

Hacking Web 2.0 Applications with Firefox

Security Focus have a new article describing some techniques to assess web 2.0 applications with Firefox : Discovering hidden calls, Crawling challenges and browser simulation, and Logic discovery & dissecting applications. There is no doubt that there is a great set of tools around Firefox which make development and debug easy, and as said the author "one of the efficient methodologies of assessing applications is by effectively using a browser". Or in other words using Firefox.

In this article we have seen three techniques to assess web 2.0 applications. By using these methodologies it is possible to identify and isolate several Ajax-related vulnerabilities. Browser automation scripting can assist us in web asset profiling and discovery, that in turn can help in identifying vulnerable server-side resources.

Next generation applications use JavaScript extensively. Smooth debugging tools are our knights in shining armor. The overall techniques covered in this article is a good starting point for web 2.0 assessments using Firefox.

Posted by Hatem on October 14, 2006 2:16 PM to AJAX Experience | AJAX Security |

Bookmark this article at these sites
Post a comment





(Email will remain hidden)





Please enter the security code you see here




Related entries
Email to a friend
Email this article to:


Your email address:


Message (optional):