Talk about 3rd party application. How they can help us in pentest?
- RCE from file upload
- Sad consequence via simple XSS
- Desktop applications (Electron XSS == RCE)
- RCE via scheme file:// and tricks
- A few words about mobile applications, 3rd party SDK and malware