Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Obfuscation of JSPs?

from [Burke, Charles] Network Security [Permanent Link]
Subject: RE: Obfuscation of JSPs?
Date: Wed, 29 Dec 2004 14:50:40 -0500 
What java container are you using?
I have successfully precompiled the JSP into class files and package
into jar then obfuscate.

Charles Burke
Information Protection
Home Depot

-----Original Message-----
From: Dean Saxe [mailto:Dean.Saxe@DigitalInsight.com] 
Sent: Tuesday, December 21, 2004 11:14 AM
To: webappsec@securityfocus.com
Subject: Obfuscation of JSPs?


I'm currently working on a project to do code obfuscation for a J2EE
application.  We've already identified DashO Pro to obfuscate class
files, but I have been unable to find any similar technologies to apply
to JSPs. My research has been a bust so far!  

What, if anything, are people using to obfuscate JSPs?

Thanks!
-dhs

Dean H. Saxe, CEH
Manager of Web Application Security
Digital Insight, Magnet Business Solutions Dean.Saxe@digitalinsight.com 
770-349-1514 
"In theory, theory and practice are the same. In practice, they are
not."

Please be advised that the information contained in this communication
may be confidential and is intended only for the use of the individual
or entity named above. Any other use, dissemination, distribution or
copying of this communication is strictly prohibited. If you are not the
intended recipient, please notify the sender immediately and delete this
message.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Web Application Security Testing Procedures, Lecia McCalla
Next by Date:  Re: Web Application Security Testing Procedures, Hernán M. Racciatti
Previous by Thread:  Re: Obfuscation of JSPs?, Alexander Klimov
Next by Thread:  RE: Whitepaper "SESSION RIDING - A Widespread Vulnerability in To day's Web Applications", Evans, Arian
Indexes:  [Date] [Thread] [Top] [All Lists]