A Comparative Study of Web Application Security Parameters: Current Trends and Future Directions
2022
Applied Sciences
The evaluation is based on an extracted list of vulnerabilities from OWASP (Open Web Application Security Project). ...
A publicly available web application vulnerability scanner is a computer program that assesses web application security by employing automated penetration testing techniques that reduce the time, cost, ...
[43] published an article based on a comparative assessment of the performance of an open-source web vulnerability scanner. ...
doi:10.3390/app12084077
fatcat:2bid2347fbfb5ihjqminpysaji
Evaluation of Open Source Web Application Vulnerability Scanners
2020
Academic Journal of Nawroz University
Therefore, there is an exigent need for web application vulnerability scanners. ...
In this study, we evaluate two open source web application vulnerability scanners Paros and OWASP Zed Attack Proxy (OWASP ZAP) by testing them against two vulnerable web applications buggy web application ...
Evaluation and testing of several free/open source web vulnerability scanners, 10th Conference for Informatics and Information Technology, Bitola, Macedonia, 2013. 8. Jiménez R. (2016). ...
doi:10.25007/ajnu.v9n1a532
fatcat:rgohbgcmqbg4lnma24iq4nukvu
WEB VULNERABILITY SCANNERS AND THEIR METHODS
2022
Zenodo
Throughout this article, you can learn about Web Vulnerability Scanners and general concepts about choosing the right ones. general information and their working principles, including what components they ...
The article is not primarily about choosing scanners that detect vulnerabilities because it also provides assumptions about what choices we should make depending on the type of vulnerability. ...
Additionally, ZAP is a free Open Source cross-platform scanner that is becoming a framework for advanced web application vulnerability testing [1]. ...
doi:10.5281/zenodo.6605120
fatcat:zyt4trp6brfmpfij74kc3lls6q
An Integrated Approach Towards Vulnerability Assessment & Penetration Testing for a Web Application
2018
International Journal of Engineering & Technology
This paper suggests an integrated approach of assessing the vulnerabilities in any web application using free and open source tools where the reports are generated with respect to vulnerabilities and their ...
The identified vulnerabilities are therefore exploited for testing the penetrations of a web application. ...
Arachni web vulnerability scanner: Arachni is a Ruby framework aimed towards helping penetration testers evaluate the security of modern web applications. Its source code is public and available for review. ...
doi:10.14419/ijet.v7i2.32.15733
fatcat:xp7aq3ntfbc7jnna2ynsix23li
Building a Test Suite for Web Application Scanners
2008
Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008)
We evaluate the test suite experimentally using several web application scanners, both open-source and proprietary. ...
Web application scanners are automated, black-box testing tools that examine web applications for security vulnerabilities. ...
Acknowledgement We thank Will Guthrie for many helpful suggestions on this paper, Stephano Di Paola and Anurag Agarwal for their technical review. ...
doi:10.1109/hicss.2008.79
dblp:conf/hicss/FongGOBD08
fatcat:uaxhmy7znrdt7gjwhuwptpzxda
Web Application Scanners: Definitions and Functions
2007
2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07)
This paper identifies a taxonomy of software security assurance tools and defines one type of tool: web application scanner, i.e., an automated program that examines web applications for security vulnerabilities ...
We describe the types of functions that are generally found in a web application scanner and how to test it. ...
Black, and Eric Dalci for improving our understanding of web application scanners and many helpful suggestions on this paper. We also thank the anonymous reviewers for their insightful comments. ...
doi:10.1109/hicss.2007.611
dblp:conf/hicss/FongO07
fatcat:xqku6sqcpjfibekwo2yal6ttfq
The approaches to quantify web application security scanners quality: a review
2018
International Journal of Advanced Computer Research
Acknowledgment We would like to express our gratitude to Dr Nilashi Mesbah for his contribution in sharing the knowledge. ...
WackoPicko, PCI, MatchIt, W-VST, Scan-bed W4 Open-source web application framework The open-access framework that supports web application development. ...
Figure 8 showed 45.6% of experiment methodologies benchmark web application security scanner's quality with open-source web application framework, while 17.3% and 16.3% of experimental methodologies ...
doi:10.19101/ijacr.2018.838012
fatcat:ta2yr6f2dvcvpiaon5xnmug4i4
The use of application scanners in software product quality assessment
2011
Proceedings of the 8th international workshop on Software quality - WoSQ '11
One way of automation in assessing the security of software are application scanners that test an executing software for vulnerabilities. ...
Its applicability and the detection capabilities of common scanners are investigated in a case study with two open-source web shops. ...
Acknowledgements I am grateful to Elmar Juergens for helpful suggestions on the manuscript. ...
doi:10.1145/2024587.2024597
dblp:conf/sigsoft/000111
fatcat:ebp5fo2xhzhttadesw7s7vbgra
DETECTION OF WEB APPLICATION VULNERABILITIES USING VATSCAN SCANNER
2020
International Journal of Engineering Applied Sciences and Technology
is an NGO (Non-Governmental Organization) for universal Web Application Security. ...
The scanner uses crawling Operation to detect the web application end points, vulnerable input parameters and evaluating whether the input parameter is Vulnerable to exploit or not by executing harmless ...
The scanner uses technology detecting mechanism like Wapplyzer (Web application protocol analyzer), an open-source program to detect the technology like HTML, JS (Java Script), ORACLE DATABASE and carry ...
doi:10.33564/ijeast.2020.v04i10.011
fatcat:34amhx7okbh35m7igqflu54viu
An Integrated Approach for Detecting Security Vulnerabilities in Web Applications: A Theoretical Perspective
2018
International Journal of Computer Applications
Lastly, we present the theoretical framework for detecting web application vulnerabilities based on the proposed model. ...
Previous studies have suggested both commercial and open source tools such as Ashcan, Web Inspect, Web King, Skipfish, and OWASP ZAP just to mention but a few to help mitigate against this security gaps ...
Figure: 2 Simplified view of a web application
WEB APPLICATION SCANNERS A web application scanner is an automated program that examines web applications for security vulnerabilities [18]. ...
doi:10.5120/ijca2018918079
fatcat:i4oayruv6jfdrgnkobhrq7nvhu
UBCIS: Ultimate Benchmark for Container Image Scanning
2020
USENIX Security Symposium
Both commercial and open-source tools exist for container image scanning. Results from these scanners, however, are inconsistent. ...
In this paper, we present the Ultimate Benchmark for Container Image Scanning (UB-CIS), a benchmark for evaluating image scanners. ...
Our contributions are 1) a benchmark tool for container scanner evaluation; 2) an evaluation of three popular scanners on common container images; 3) a vulnerability judging process for classifying vulnerabilities ...
dblp:conf/uss/BerkovichKW20
fatcat:72hzqose2jcr5dxvs3g7zxexx4
Evaluation of Black-Box Web Application Security Scanners in Detecting Injection Vulnerabilities
2022
Electronics
To find web vulnerabilities before an attacker, security experts use black-box web application vulnerability scanners to check for security vulnerabilities in web applications. ...
Most studies have evaluated these black-box scanners against various vulnerable web applications. However, most tested applications are traditional (non-dynamic) and do not reflect current web. ...
Moreover, it provides an automated scan for quick tests and has an intercepting proxy component [41]. • Skipfish is a free and open-source vulnerability scanner that prepares an interactive sitemap for ...
doi:10.3390/electronics11132049
fatcat:2ws2opko3fhwheczy7ug5gsr4u
Web Unique Method (WUM): An Open Source Blackbox Scanner for Detecting Web Vulnerabilities
2017
International Journal of Advanced Computer Science and Applications
However, these scanners cannot challenge all web vulnerabilities. ...
The distributed and open nature of internet attracts hackers to interrupt the smooth services of web applications. ...
This research presents an open source web vulnerability scanner that uses black box technique to carry out crawling and scanning for websites, to effectively detect the presence of ...
doi:10.14569/ijacsa.2017.081254
fatcat:lspa4wvsubcshnydczasi5ylze
Web Applications Security and Vulnerability Analysis Financial Web Applications Security Audit – A Case Study
2016
International Journal of Innovative Business Strategies
To help in security matters, many organizations build security frameworks for vulnerability assessment, security assessment, threat modeling, penetration testing, risk management and many more. ...
This article focuses on the analysis of the results of security audits conducted on several financial web applications from one institution with aid of automatic tools in order to assess their web applications ...
This is the fourth release of this open source web testing framework created and maintained by OWASP. ...
doi:10.20533/ijibs.2046.3626.2016.0014
fatcat:qnxgm6pz2ngwrneqtdbrltjbsy
Web Penetration Testing using Nessus and Metasploit Tool
2014
IOSR Journal of Computer Engineering
Web Penetration Testing is a tool that is being used widely to see how the website reacts when a vulnerability attack is done. ...
We have done a survey of some of the web penetration tools that are available and then we have proposed an architecture using Nessus and Metasploit tool to scan vulnerabilities of a website. ...
Penetration testers typically use a range of commercial and open-source tools to automate the generation of attacks. ...
doi:10.9790/0661-1634126129
fatcat:7rx77efoqzct7dbfunbn643cya