Loading…
The Open Web Application Security Project (OWASP) Los Angeles Chapter has teamed up with the Orange County, Inland Empire, San Diego, and San Francisco Bay Area chapters to bring you another great AppSec California. Join us and your peers for amazing talks and networking on January 22-25, 2019!
Back To Schedule
Friday, January 25 • 9:40am - 10:05am
Lightning Talk: Endpoint Finder - A static analysis tool to find web endpoints

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
JavaScript files contain an increasing amount of information about server endpoint. Existing tools use regex search patterns to extract this information statically. This kind of approach has several limitations. With static code analysis, we can get more accurate results with less false positives. This talk will cover how to use static code analysis to achieve this goal.

Endpoint Finder is a tool that extracts endpoint URL from JavaScript file. It also provides information about the method and the parameters of each endpoint. The tool is available as a plugin for Burp and Zap.
Speakers
avatar for Olivier Arteau

Olivier Arteau

Desjardins, Olivier Arteau
Olivier Arteau is a security advisor at the financial cooperative Desjardins. He was a Web developer during his early days and later transitioned into the security field. He has an undergraduate degree from Ecole de Technologie Superieure, a Canadian university. In the last few years... Read More →

AppSecCali EndpointFinder pptx
Friday January 25, 2019 9:40am - 10:05am PST
Terrace Lounge
  Talk: Break It