Loading…
Deadwood 2020 (Virtual Con)
Back To Schedule
Friday, September 25 • 2:00pm - 2:50pm
Developer Tools as Webapp Pentesting Trainer

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Ever since “view source” in the earliest web browsers, it’s been easy to see exactly what’s going on in a webapp and in the browser. Every webapp you ever use has no choice but to give you the (client-side) source code! It’s almost like there’s no such thing as a “black box” webapp pentest if you think about it… We’ll look at the Developer Tools in the latest Firefox with a pentester’s eye. Inspect and change the DOM (Document Object Model), take screenshots, find and extract key bits of data, use the console to run Javascript in the site’s origin context, and even pause script execution in the debugger if things go too fast... Maybe we’ll convince you that you can realistically do a big chunk of a webapp pentest without ever leaving the browser.

Speakers

Friday September 25, 2020 2:00pm - 2:50pm MDT
Track 1