Abstract

From its humble beginnings many years ago, JavaScript has been steadily evolving and has now become a powerful and popular language, especially with HTMLS. It is not uncommon to see Web Applications that contain more lines of JavaScript code in them than the number of lines of server-side code. In the HTMLS and mash-up world there are a lot of critical features being implemented on the client-side with JavaScript.All this additional power does come with its security implications. It is absolutely essential that JavaScript code is tested for all of the known client-side vulnerabilities. Testing JavaScript for vulnerabilities is still a relatively new art and there are very few tools available for the same. In this talk you will learn about the various JavaScript related vulnerabilities to look out for, the techniques to test for them and how IronWASP can be used to perform JavaScript vulnerability hunting with relative ease.

• removed video https://www.youtube.com/watch?v=iDBmfxV2-jQ