I am working on analysing a password manager web plugin. I need to test the web plugin for vulnerabilities. The Password manager web plugin interacts with its counterpart -- which is an independent desktop application for its functioning. The password manager desktop application is capable of holding passwords which the user saves. Once the user installs the web plugin, the plugin interacts with the desktop application in order to retrieve the user related details and auto fills in the corresponding web page's login form.
The below are the two questions I have:
-
How does a web plugin interacts with a desktop application. I have searched in net but was not lucky enough to get a clear documentation. So, any pointers with a good explanation will be really helpful.
-
What are the different ways a web plugin be Pen tested for vulnerabilities.
Aucun commentaire:
Enregistrer un commentaire