The following post is a wrap up of a presentation I made for Google thanks to a very interesting initiative to meet web security researchers and Google security engineers - Thanks for the opportunity, BTW!
Here's why we developed JStillery.
An internal product that helps us for:
- Analysis of JS malware samples extracted from AMT logs
- JS Normalization for Malware classification
- Automatic support for exploiting DOM Based XSS on custom, minimized libraries using DOMinatorPro
- WAF Analysis of XSS Payloads
and a short video that shows what JStillery can do:
Comments are always welcome!