June 2018
Intermediate to advanced
294 pages
7h 5m
English
Content preview from Practical Web Penetration Testing
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
External factors
There is always a possibility that your client's application will interact with third-party services and a remote infrastructure. As I mentioned previously, you need a lawyer by your side to advise you about your tests. You need to ask your client the following important questions regarding the third parties that he deals with.
Does your client application interact with the third-party web service? If the answer is yes, then you need to ask your client's permission to investigate the third-party activities. If your client agrees, then you need to ask them to organize a meeting with the third-party's representative. During the interview with the third party, ask the following questions:
- Does the third party collect information ...