Hacking Web 2.0 JavaScript: Reverse engineering, discovery and revelations

Today, applications are becoming increasingly dependent on the Internet as a foundation platform.

As the application domain increases worldwide, the variety of web content rises above HTML with the usage of JavaScript, Flash and Silverlight.

Since these applications are growing and becoming crucial, this paper wants to throw light on the methods that can be used to look for security loopholes such as XSS (Cross-Site Scripting) in JavaScript, specific to the Web 2.0 implementations of the same which consumes information from untrusted sources. The methods described pertain to static as well as dynamic analysis.

Download the paper in PDF format here.