I've been recently going around the web for a couple of challenges that AJAX faces. One thing that struck me was the web application scanners. I've seen a few vendors (i don't to mention any vendor or product name here) products that claim that they have javascript parsers and support for AJAX driven applications. My personal experience with these tools is that they could not spare well against apps that are heavily JavaScript driven and with the introduction of AJAX based apps it's a case of uncertainity in choosing the right product (if at all there can be one which can progress in auditing AJAX applications). Do any of you have any insights or experinces on these tools against AJAX based apps.
Thanks
Rajesh
------------------------------------------------------------------------
-
This List Sponsored by: SpiDynamics
ALERT: "How A Hacker Launches A Web Application Attack!"
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world
examples of recent hacking methods such as: SQL Injection, Cross Site
Scripting and Parameter Manipulation
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gR
l
------------------------------------------------------------------------
--
I've been recently going around the web for a couple of challenges that AJAX faces. One thing that struck me was the web application scanners. I've seen a few vendors (i don't to mention any vendor or product name here) products that claim that they have javascript parsers and support for AJAX driven applications. My personal experience with these tools is that they could not spare well against apps that are heavily JavaScript driven and with the introduction of AJAX based apps it's a case of uncertainity in choosing the right product (if at all there can be one which can progress in auditing AJAX applications). Do any of you have any insights or experinces on these tools against AJAX based apps.
Thanks
Rajesh
------------------------------------------------------------------------
-
This List Sponsored by: SpiDynamics
ALERT: "How A Hacker Launches A Web Application Attack!"
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world
examples of recent hacking methods such as: SQL Injection, Cross Site
Scripting and Parameter Manipulation
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gR
l
------------------------------------------------------------------------
--
[ reply ]