
I think an attack vector that is often under-analyze is the web service. There’s no user interface, so what’s the real danger? Cross-Site Scripting (which accounts for about 53% of all application vulnerabilities) is completely useless since there is no HTML response. And how would one even use this tool without a user interface? Well, […]