White-box penetration testing: How to debug for JavaScript vulnerabilities
This is a guide to performing white box penetration testing on a JavaScript web application running within a Docker container. In testing a web application vulnerable to prototype pollution, we will demonstrate how to debug JavaScript inside Visual Studio Code in order to track our payloads throughout the code process and learn how security filters can hide vulnerabilities from view.
You can find the full article on YesWeHack’s blog page
This post is licensed under CC BY 4.0 by the author.