# SecNiche Security Labs #

					,-.______________,=========,
					[|..)_____________)#######((_
					/===============..-..___,--".._\
					"-._,__,__[ BooM ]____\.########/
						 \...(...).)).#### O##(
						  \..\____/,..#######\
						   ===="....\########\
							     \########\
							      )###O####|
							      )########,"
							      )########,"
					      			..-----."."

Dissecting Java Server Faces for Penetration Testing

This paper sheds light on the findings of security testing of Java Server Faces. JSF has been widely used as an open source web framework for developing efficient applications using J2EE. JSF is compared with ASP.NET framework to unearth potential security flaws. This paper is an outcome of my work at Cigital Labs. It is a collaborative work with Security Compass team.

A must read for the auditors and security testers who want to audit and pentest Java Server Faces.

[DOWNLOAD]

Dissecting Java Server Faces for Penetration Testing
View more documents from Aditya K Sood

HTML Counter
© 2010 SecNiche Security Labs