Javascript static analysis with IronWASP-Lavakumar, nullcon Goa 2012

Description: From its humble beginnings many years ago, JavaScript has been steadily evolving and has now become a powerful and popular language, especially with HTML5. It is not uncommon to see Web Applications that contain more lines of JavaScript code in them than the number of lines of server-side code. In the HTML5 and mash-up world there are a lot of critical features being implemented on the client-side with JavaScript. All this additional power does come with its security implications. It is absolutely essential that JavaScript code is tested for all of the known client-side vulnerabilities. Testing JavaScript for vulnerabilities is still a relatively new art and there are very few tools available for the same. In this talk you will learn about the various JavaScript related vulnerabilities to look out for, the techniques to test for them and how IronWASP can be used to perform JavaScript vulnerability hunting with relative ease.

Download IronWASP from here: IranWASP

<-- adsense -->