How To Perform Web Application Security Testing With Browsers
Can you perform web application security testing just using a browser? Think of a scenario where you have to do security testing in a limited environment where you have no access to run scripts or tools — all you have is a browser. This guide looks at web application security testing from such a locked down scenario.
The goal is to cover as many security test cases as possible from a browser. Even though it’s not possible to perform all web application related security test cases from browsers, some coverage is better than no coverage. A browser alone cannot replace conventional web application security testing methodologies which involve proxies and scanners. Relying completely on security tests that can be done from a browser is never recommended, but there may be times when you only have access to a browser.
Check out the full guide including demos on how to perform web application testing with browsers here: https://dzone.com/articles/web-app-security-testing-with-browsers
Authored by Abhi Balakrishnan, Security Consultant — https://www.linkedin.com/in/abhimbalakrishnan