Introduction

In this video walk-through, we covered conducting security review for a web application using browser developer tools.

In this room you will learn how to manually review a web application for security issues using only the in-built tools in your browser. More often than not, automated security tools and scripts will miss many potential vulnerabilities and useful information.

Here is a short breakdown of the in-built browser tools you will use throughout this room:

  • View Source – Use your browser to view the human-readable source code of a website.
  • Inspector – Learn how to inspect page elements and make changes to view usually blocked content.
  • Debugger – Inspect and control the flow of a page’s JavaScript
  • Network – See all the network requests a page makes.

Answers

What is the flag from the HTML comment?

What is the flag from the secret link?

What is the directory listing flag?

What is the framework flag?

What is the flag behind the paywall?
What is the flag in the red box?
What is the flag shown on the contact-msg network request?
Video Walk-Through

 

About the Author

Cybersecurity Trainer MS in Cybersecurity Expertise in Healthcare and Finance Industries Penetration tester and compliance auditor

View Articles