Launching Client-Side Attacks
Web application testing rightfully focuses on the application we're testing and its supporting infrastructure. Most attacks we've focused onto this point have been interested in either knocking on the front door of that web application or hitchhiking on client sessions to gain illicit access. Our customers spend all of their security budget fortifying that infrastructure, with some of it geared toward the web application's own hardening. That being said, who is taking care of their clients?
Between the increased exposure of the client itself as well as the susceptibility of the user, we'll have a variety of vectors to test. The staggering number of software combinations and user behaviors overlap with other services ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access