Filters








5,671 Hits in 12.8 sec

Assessment of Web Scanner Tools

Rawaa Mohammed
2016 International Journal of Computer Applications  
In this paper an analytical comparison is present on six open source web scanners by using manual and automatic testing of the chosen test beds then analyzing these results to assess the scanners.  ...  General Terms Vulnerabilities detection, Web scanners, assessment of open source tools.  ...  INTRODUCTION The need for an automated scanner to check the flaws, vulnerabilities of websites is very important today. Web tester examines web application to identify the potential weak points.  ... 
doi:10.5120/ijca2016907794 fatcat:vc7uikflcjfbjbz7ygkxw4scoa

Automating Penetration Testing Within Ambiguous Testing Environment

Lim Kah Seng, Norafida Ithnin, Syed Zainudeen Mohd Shaid
2018 International Journal of Innovative Computing  
Thus, in this paper, the state-of-the-art of black box web application security scanner is systematically reviewed, to investigate the approaches for detecting web application vulnerability in an ambiguous  ...  Web application security scanner is such kind of program that is designed to assess web application security automatically with penetration testing technique.  ...  WEB AAPLICATION SECURITY SCANNER Web application security scanner is a computer program that automatically scans a web application for web application vulnerability detection.  ... 
doi:10.11113/ijic.v8n3.180 fatcat:alfz4ftlnzau3d2czw7p625ika

Black-box Fuzzing Approaches to Secure Web Applications: Survey

Aseel Alsaedi, Abeer Alhuzali, Omaimah Bamasag
2021 International Journal of Advanced Computer Science and Applications  
Thus, web apps' developers should identify vulnerabilities and fix them before an attacker exploits them.  ...  Using blackbox fuzzing techniques for vulnerability identification is very popular during the web apps' development life cycle.  ...  Acunetix [14] is a commercial tool for automatic scanning web applications. It crawls web applications, even the AJAX-heavy ones.  ... 
doi:10.14569/ijacsa.2021.0120599 fatcat:alddaqyuszg6tckuj5xou3uovi

Web Unique Method (WUM): An Open Source Blackbox Scanner for Detecting Web Vulnerabilities

Muhammad Noman, Muhammad Iqbal, Muhammad Talha, Vishal Jain, Hira Mirza, Kamran Rasheed
2017 International Journal of Advanced Computer Science and Applications  
However, these scanners cannot challenge all web vulnerabilities.  ...  We believe that in order to encounter these vulnerabilities; the web application vulnerabilities scanner should have strong detection and prevention rules to ease the problem.  ...  In order to support testers there is another methodology for analyzing the web vulnerabilities in web applications.  ... 
doi:10.14569/ijacsa.2017.081254 fatcat:lspa4wvsubcshnydczasi5ylze

Web Applications Security and Vulnerability Analysis Financial Web Applications Security Audit – A Case Study

Tiago Vieira, Carlos Serrão
2016 International Journal of Innovative Business Strategies  
This article focus on the analysis of the results of security audits conducted on several financial web applications from one institution with aid of automatic tools in order to assess their web applications  ...  As a way to test security in infrastructures, networks, deployed web applications and many other assets, organizations have been performing penetration testing which simulates an attacker's behavior in  ...  Web scanners are capable of automatically building the entire web application tree structure for analysis and possible attack exploration and vulnerabilities identification. 4.  ... 
doi:10.20533/ijibs.2046.3626.2016.0014 fatcat:qnxgm6pz2ngwrneqtdbrltjbsy

Analysis of the effect of Java software faults on security vulnerabilities and their detection by commercial web vulnerability scanner tool

Tania Basso, Plinio Cesar Simoes Fernandes, Mario Jino, Regina Moraes
2010 2010 International Conference on Dependable Systems and Networks Workshops (DSN-W)  
In many cases, software faults are responsible for security vulnerabilities which are exploited by hackers. Automatic web vulnerability scanners can help to locate these vulnerabilities.  ...  We analyze the effect on security vulnerabilities of Java software faults injected on source code of Web applications.  ...  Vulnerability scanner tools effectiveness Web vulnerability scanners are regarded as an easy way to test applications against vulnerabilities.  ... 
doi:10.1109/dsnw.2010.5542602 dblp:conf/dsn/BassoFJM10 fatcat:5xiqkqtiszf73iu366nettcwnm

A Framework for Web Application Vulnerability Detection

2020 International Journal of Engineering and Advanced Technology  
Second, through the existing web application vulnerability scanners that sometime may suffer from generating false alarm rate.  ...  At flip side, hackers are also attacking this digital world with new tactics and techniques through exploiting the web application vulnerabilities.  ...  Literature survey of this paper concluded that there is a need of an AI engine to update instructional database of vulnerability scanner automatically for newly encountering attack vectors.  ... 
doi:10.35940/ijeat.c4778.029320 fatcat:jir2atlqffav3h5jozekw2gsum

A Clustering Approach for Web Vulnerabilities Detection

A. Dessiatnikoff, R. Akrout, E. Alata, M. Kaaniche, V. Nicomette
2011 2011 IEEE 17th Pacific Rim International Symposium on Dependable Computing  
This paper presents a new algorithm aimed at the vulnerability assessment of web applications following a blackbox approach.  ...  The objective is to improve the detection efficiency of existing vulnerability scanners and to move a step forward toward the automation of this process.  ...  VULNERABILITY SCANNERS PRINCIPLES Most frequent attacks on web servers include SQL injection attacks (for web servers connected to an SQL database) and code injection attacks (Flash, Javascript, etc.,  ... 
doi:10.1109/prdc.2011.31 dblp:conf/prdc/DessiatnikoffAAKN11 fatcat:iozzoogvsvegrlizyvufygfixy

The use of application scanners in software product quality assessment

Stefan Wagner
2011 Proceedings of the 8th international workshop on Software quality - WoSQ '11  
One way of automation in assessing the security of software are application scanners that test an executing software for vulnerabilities.  ...  Its applicability and the detection capabilities of common scanners are investigated in a case study with two open-source web shops.  ...  Acknowledgements I am grateful to Elmar Juergens for helpful suggestions on the manuscript.  ... 
doi:10.1145/2024587.2024597 dblp:conf/sigsoft/000111 fatcat:ebp5fo2xhzhttadesw7s7vbgra

Security Testing and Assessment of Vulnerability Scanners in Quest of Current Information Security Landscape

Chanchala Joshi, Umesh Kumar
2016 International Journal of Computer Applications  
The results of web application evaluation identify the most challenging vulnerabilities for scanner to detect, and compare the effectiveness of scanners.  ...  This paper describes a web application intended to be used to evaluate the efficiency of Netsparker, Acunetix and Burp Suite web application vulnerability scanners.  ...  In fact, vulnerability scanners provide an automatic way to search for vulnerabilities avoiding the repetitive and tedious task of doing hundreds or even thousands of tests by hand for each vulnerability  ... 
doi:10.5120/ijca2016910563 fatcat:27ph52deq5ckjhxk2vjfq5wtti

EVALUATION OF WEB APPLICATION SECURITY IN AFGHANISTAN

Abdullah Hamidi, Mohammad Mustafa Naier, Mohammad Rafi Bahez
2020 International Journal of Engineering Applied Sciences and Technology  
Security is an important concern to be considered in web application development. Some web applications are developed and maintained by the developers yearly and published on the World Wide Web.  ...  Therefore, they are graduated and start developing various types of applications for different private and public sector organizations.  ...  Besides, we thank the anonymous reviewers for their helpful feedback and our students to contribute in our research processes. VIII.  ... 
doi:10.33564/ijeast.2020.v04i11.002 fatcat:unpav7u3t5extgg5mvis2o2muq

An automated black box approach for web vulnerability identification and attack scenario generation

Rim Akrout, Eric Alata, Mohamed Kaaniche, Vincent Nicomette
2014 Journal of the Brazilian Computer Society  
The proposed methodology led to the development of a new Web vulnerability scanner that has been validated experimentally on several examples of vulnerable applications.  ...  This paper presents a new methodology, based on Web page clustering techniques, that is aimed at identifying the vulnerabilities of a Web application following a black box analysis of the target application  ...  Section 2.1 presents our clustering algorithm for detecting Web application vulnerabilities.  ... 
doi:10.1186/1678-4804-20-4 fatcat:k5dose6iqveixoof4zralod2ku

Using web security scanners to detect vulnerabilities in web services

Marco Vieira, Nuno Antunes, Henrique Madeira
2009 2009 IEEE/IFIP International Conference on Dependable Systems & Networks  
Web vulnerability scanners allow detecting security vulnerabilities in web services by stressing the service from the point of view of an attacker.  ...  the limitations of web vulnerability scanners on detecting security vulnerabilities in web services.  ...  Acunetix Web Vulnerability Scanner "is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities" [8] .  ... 
doi:10.1109/dsn.2009.5270294 dblp:conf/dsn/VieiraAM09 fatcat:xzz7dqlyffbfhcstjtwsmpxice

Evaluation of Open Source Web Application Vulnerability Scanners

Himli S. Abdullah
2020 Academic Journal of Nawroz University  
Therefore, there is an exigent need for web application vulnerability scanners.  ...  In this study, we evaluate two open source web application vulnerability scanners Paros and OWASP Zed Attack Proxy (OWASP ZAP) by testing them against two vulnerable web applications buggy web application  ...  Therefore, there is an increasing need to secure these web applications by penetration testing using vulnerability scanners.  ... 
doi:10.25007/ajnu.v9n1a532 fatcat:rgohbgcmqbg4lnma24iq4nukvu

Evaluation of Web Security Mechanisms Using Inline Scenario & Online Scenario
English

M. Durai Ganesh, Dr. G. Gunasekaran
2014 International Journal of Engineering Trends and Technoloy  
In today's world there is large amount use of computer especially for web application. Most of the people do their transaction through web application.  ...  An IDS system that models the network behavior of user sessions across both the front-end web server and the back-end database.  ...  still present in the code, to evaluate web application vulnerability scanners, etc.  ... 
doi:10.14445/22315381/ijett-v8p208 fatcat:xqg6zr7g6faw7iboj2jqtiyhqm
« Previous Showing results 1 — 15 out of 5,671 results