Quite a while back there was an article on Securityfocus by Shreeraj Shah on hacking on web 2.0 apps. It was very basic, but it had some tidbits in there that I wanted to keep an eye on for later. It shows how to use Firebug, which is something I'm a newb at, to inspect web pages for client side logic, validation, XMLHTTPRequests, etc. I'm doing another project on web app security at school and am going to focus on javascript, ajax, XSS, CSRF and look at javascript worms. It should be a fun project and allow me to take a narrower look at part of webapp sec. The article should provide me with a little more guidance as I dig into this further.
http://www.securityfocus.com/infocus/1879
