Skip to main content
Information Security

Return to Answer

spelling, sentence structure, reduced the chattiness
Source Link
schroeder
schroeder
  • 134k
  • 55
  • 309
  • 356

YouBecause you are using Google Chrome Developer Tools, Okay here some information from my experience:

  • COULD BE, COULD BE that the User Agent change is not being applied in the website, gotta tell you that. Mobile User Agent Emulator in Google Chrome Developer Tools is not really really efficient, Sometimessometimes it works and sometimes not,. Depends of the user agent detection of the website (WEbWeb Mobile Developer),. You should try with Firefox of maybe with a Android Emulator.
  • If you are good with HTML, you should disable JavaScript, ONLY FOR SECURITY PURPOSES, disabling it with the Developer Tools or using NoScript plugins.
  • Tag analysis in start page and page footer as. As a Web Mobile Developer we always try to put all the Scriptscripts in the header or the footer of the page just for chargeloading and better user experience,. An attacker can check a lot of validations of your Mobile Device before chargeloading the entire page, so start with the Headerheader.
  • Check Network tab in Developer Tools this. This is useful to know what is being chargedloaded in the page,. Maybe not only that page is being loaded but also an attacker could load iframes just for device checking.

You could try all this in your Pentesting.

Ahh. And another thing.: Always verify HTTP headers and Reponse,Response. In the network tab, you could check what server is the attacker is using and maybe some Page Error Pentesting could work.

Greetings and Have a Cool Pentesting.

You are using Google Chrome Developer Tools, Okay here some information from my experience:

  • COULD BE, COULD BE that the User Agent change is not being applied in the website, gotta tell you that Mobile User Agent Emulator in Google Chrome Developer Tools is not really really efficient, Sometimes works and sometimes not, Depends of the user agent detection of the website (WEb Mobile Developer), You should try with Firefox of maybe with a Android Emulator.
  • If you are good with HTML you should disable JavaScript, ONLY FOR SECURITY PURPOSES, disabling it with the Developer Tools or using NoScript plugins.
  • Tag analysis in start page and page footer as a Web Mobile Developer we always try to put all the Script in the header or the footer of the page just for charge and better user experience, An attacker can check a lot of validations of your Mobile Device before charge the entire page so start with the Header.
  • Check Network tab in Developer Tools this is useful to know what is being charged in the page, Maybe not only that page is being loaded but also an attacker could load iframes just for device checking

You could try all this in your Pentesting.

Ahh. And another thing. Always verify HTTP headers and Reponse, In the network tab you could check what server is the attacker using and maybe some Page Error Pentesting could work.

Greetings and Have a Cool Pentesting.

Because you are using Google Chrome Developer Tools, here some information from my experience:

  • COULD BE that the User Agent change is not being applied in the website. Mobile User Agent Emulator in Google Chrome Developer Tools is not really efficient, sometimes it works and sometimes not. Depends of the user agent detection of the website (Web Mobile Developer). You should try with Firefox of maybe with a Android Emulator.
  • If you are good with HTML, you should disable JavaScript, ONLY FOR SECURITY PURPOSES, disabling it with the Developer Tools or using NoScript plugins.
  • Tag analysis in start page and page footer. As a Web Mobile Developer we always try to put all the scripts in the header or the footer of the page just for loading and better user experience. An attacker can check a lot of validations of your Mobile Device before loading the entire page, so start with the header.
  • Check Network tab in Developer Tools. This is useful to know what is being loaded in the page. Maybe not only that page is being loaded but also an attacker could load iframes just for device checking.

And another thing: Always verify HTTP headers and Response. In the network tab, you could check what server the attacker is using and maybe some Page Error Pentesting could work.

Source Link
NathanWay
NathanWay
  • 559
  • 8
  • 15

You are using Google Chrome Developer Tools, Okay here some information from my experience:

  • COULD BE, COULD BE that the User Agent change is not being applied in the website, gotta tell you that Mobile User Agent Emulator in Google Chrome Developer Tools is not really really efficient, Sometimes works and sometimes not, Depends of the user agent detection of the website (WEb Mobile Developer), You should try with Firefox of maybe with a Android Emulator.
  • If you are good with HTML you should disable JavaScript, ONLY FOR SECURITY PURPOSES, disabling it with the Developer Tools or using NoScript plugins.
  • Tag analysis in start page and page footer as a Web Mobile Developer we always try to put all the Script in the header or the footer of the page just for charge and better user experience, An attacker can check a lot of validations of your Mobile Device before charge the entire page so start with the Header.
  • Check Network tab in Developer Tools this is useful to know what is being charged in the page, Maybe not only that page is being loaded but also an attacker could load iframes just for device checking

You could try all this in your Pentesting.

Ahh. And another thing. Always verify HTTP headers and Reponse, In the network tab you could check what server is the attacker using and maybe some Page Error Pentesting could work.

Greetings and Have a Cool Pentesting.