WebSockets and Meteor: Attacking Meteor Applications with eighthundredfeet
A starting point for a comprehensive pen test on any application written using the Meteor framework. In addition to exploiting some of the framework’s inherent vulnerabilities, it contains a set of classes that can help script a variety of attacks.
WebSockets and Meteor: A Penetration Tester’s Guide to Meteor
This post introduces Meteor, a JavaScript framework that makes heavy use of WebSockets, and describes its attack surface and vulnerabilities.