Garth Boyd
Senior Application Security/Cloud Security Architect specializing in Secure Software Architecture and security research with experience supporting development organizations. Founder of DeviousPlan, a boutique security firm specializing in Security Architecture, Threat Modelling, Securing the public cloud, Security Training and Penetration Testing. A lifelong learner who enjoys crafting solutions to interesting and tough problems and thinking of six impossible things before breakfast.
He/Him
De quel pays êtes vous? –Canada
Votre compte twitter ou autre réseau social –@garthoid
Intervention
Client-side JavaScript plays a crucial role in the development and functionality of Single Page Applications (SPAs) prevalent in modern web applications. Unfortunately, JavaScript code delivered to the browser can contain sensitive information due to development error, oversight, or misunderstanding. These details can provide attackers with a variety of insights that can be leveraged to exploit vulnerabilities in a web application. This presentation delves into the techniques and tools essential for performing comprehensive reconnaissance on client-side JavaScript files, aiming to uncover hidden endpoints, sensitive information, and potential security vulnerabilities. Attendees will gain practical knowledge on the importance of reconnaissance, the types of tools available, and how to effectively analyze client-side JavaScript files to gather actionable intelligence. This presentation is ideal for cybersecurity professionals, web developers, and penetration testers who are keen to deepen their understanding of client-side security. It provides valuable insights for anyone involved in securing modern web applications and protecting sensitive data from unauthorized access.