ARTICLE Groundspeed v1.0.1 in the wild

Friday 11 December 2009 - 592 read - ( Keywords : Groundspeed , Penetration testing & Ethical Hacking )

Groundspeed is an open-source Firefox add-on that allows you to modify the web application interface during a penetration test by manipulating the forms and form elements loaded in the browser page, eliminating annoying limitations and client-side controls.

Some of the practical uses of groundspeed include changing hidden fields, select drop down lists and other fields into text fields, removing size and length limitations on input fields and modifying JavaScript event handlers to bypass client side validation without actually removing it.

Tool submitted by Felipe (felipe@wobot.org)


POSTSCRIPTUM

Download


COMPLIANCE MANDATES

Penetration testing & Ethical Hacking : PCI DSS 11.3, SOX A13.3, GLBA 16 CFR Part 314.4 (c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001/27002 12.6, 15.2.2


RELATED ARTICLES

Groundspeed, Penetration testing & Ethical Hacking,

11 December 2009 : Groundspeed v1.0.1 in the wild