Continuous client-side IAST/DAST Hybrid approach for Single-Page-Applications
Tasos Laskos 2 min read
Continuous client-side IAST/DAST Hybrid approach for Single-Page-Applications

Some very interesting technology was presented a few days ago in the following articles: Following the data: Taint-tracing in the...

Read more
Tasos Laskos 1 min read
Following the execution: Taint-tracing in the JS environment

In our previous article we discussed data-flow tracing, i.e. following a piece of data as it travels through the JS...

Read more
Tasos Laskos 1 min read
Following the data: Taint-tracing in the JS environment

Frustratingly enough, something fishy is going on with an input you're manually checking but you can't quite put your finger...

Read more
Tasos Laskos 2 min read
Extracting input traits to help with manual pentests

So, suppose we're preparing a manual penetration test of a web application; wouldn't it be nice to be able to...

Read more