Reflected File Download (RFD) is a type of attack that allows an attacker to obtain total control of a victim’s workstation by virtually downloading a file from a trusted domain (like Google.com & Bing.com). Oren Hafif, a Trustwave SpiderLabs security researcher, identified this web attack method in 2014.
The main checkpoints for RFD are JSON and JSONP APIs, which are used by the majority of current online apps. You will be able to identify candidates for testing with the use of internet security technologies such as ZOFixer.
ZOFixer.com security scan helps to find this vulnerability in your software and server, you can easily use it by registering on our website and activating the 30-day trial.