Ari Kesäniemi (NIXU). Contact <ari.kesaniemi@nixu.com> for more information.
The purpose of the analyzer is to find vulnerabilities in dynamic web code. Typical target is to find DOM-based XSS vulnerabilities in jQuery code, but analysis must not be limited to only this combination (e.g. other libraries and HTML5 API should be considered).
The main focus of the tool is to identify a certain set of function calls in the source and perform data flow analysis for them to identify tainted data usage, e.g. considering callback functions, parameter passing and other non-trivial constructs.
The analyzer works as a static analysis tool and can be a stand-alone program. It must work cross-platform, but choice of implementation technology is not fixed. The system must employ a Mozilla JavaScript parsing library, e.g. Rhino.
Input for the analyzer is the Javascript code to be analyzed, in form of a set of files. As an optional feature there can be functionality to crawl or otherwise collect the necessary files over the network.
Will be decided upon project start.
The team is expected to have the following skills:
The team will get necessary induction for Web 2.0 security issues from Nixu.
Projekti toteutetaan laitoksen yleisen lisenssisopimuksen alaisuudessa.