party code components that are being used within the application. You

can review the documentation for these components to understand their

intended behavior and assumptions. You can also create your own local

implementation and test this to understand the ways in which it handles

unexpected input and potentially identify vulnerabilities.

■■

The call stack includes the names of the proprietary code components

interrelationships between them may allow you to infer details about

the internal structure and functionality of the application.

■■

The stack trace often includes line numbers. As with the simple script

understand the internal logic of individual application components.

■■

The error message often includes additional information about the

ing example, you can determine the exact version of the ASP.NET plat-

form being used. This enables you to investigate the platform for

known or new vulnerabilities, anomalous behavior, common configura-

tion errors, and so on.