March 25, 2007

JavaScript bug hunting tool demonstrated

A security researcher at ShmooCon on Saturday demonstrated, but did not release, a tool that turns the PCs of unknowing Web surfers into hacker help. As expected, SPI Dynamics researcher Billy Hoffman demonstrated a Web application vulnerability scanner written in JavaScript. The tool, called Jikto, can make an unsuspecting Web user's PC silently crawl and audit public Web sites, and send the results to a third party, Hoffman said.



  • Security
Click Here!