In 2006 we had the first JavaScript port scanner. The same year we saw the incarnation of more advanced tools such as AttackAPI, Carnaval and Backframe.

A year later we saw several decent attempts to create complete security tools designed to run with nothing else but web technologies. That was just the start.

This video from Hack in The Box 2012 aims to show the progress that has been made in the past six years in terms of security tools developed entirely with the help of browser technologies.

The presentation will take you on a journey through the years, exploring some of the interesting attack techniques used in the past, bringing back some of the important discussions and eventually reaching the culmination when modern tools and technologies will be shown and explained.



About the author

Petko D. Petkov is founder and leading member of the GNUCITIZEN Information Security Think Tank. He is a recognized information security researcher, security tools developer, penetration tester, frequent speaker at industry events, and published author who has contributed to several best-selling books, numerous popular blogs and online magazines. His current endeavour is an ambitious project called Websecurify, a web application security testing toolkit designed with simplicity in mind.