Pentester's Blog: This tangential research relates to my avocation.
Thursday, August 25, 2011
Dissecting Java Server Faces for Penetration Testing
This paper sheds light on the findings of security testing of Java Server Faces. JSF has been widely used as an open source web framework for developing efficient applications using J2EE. JSF is compared with ASP.NET framework to unearth potential security flaws.
This paper is an outcome of my work at Cigital Labs. It is a collaborative work with Security Compass team.