Discover a powerful static analysis tool for extracting web endpoints from JavaScript files in this 22-minute lightning talk from AppSecCali 2019. Learn how Endpoint Finder overcomes the limitations of regex-based approaches, providing more accurate results with fewer false positives. Explore the tool's capabilities in extracting endpoint URLs, methods, and parameters, and its availability as a plugin for Burp and Zap. Gain insights from Olivier Arteau, a security advisor at Desjardins, as he shares his expertise in leveraging static code analysis for improved web security assessment.
Endpoint Finder: A Static Analysis Tool for Web Endpoint Discovery - Lightning Talk
Overview
Syllabus
AppSecCali 2019 Lightning Talk - Endpoint Finder: A static analysis tool to find web endpoints
Taught by
OWASP Foundation
Related Courses
-
Application Security
-
Creating Accessible Security Testing with ZAP - AppSecCali 2019 Lightning Talk
-
Open-Source OWASP Tools for Enhancing Penetration Testing Coverage
-
Application Security for Developers and DevOps Professionals
-
Improving Dynamic Vulnerability Scanners with Static Code Analysis
-
Static Analysis for Dynamic Assessments - OWASP AppSecUSA 2014
