Securing web applications from injection and logic vulnerabilities: Approaches and challenges
Context: Web applications are trusted by billions of users for performing day-to-day activities.
Accessibility, availability and omnipresence of web applications have made them a prime …
Mitigating program security vulnerabilities: Approaches and challenges
Programs are implemented in a variety of languages and contain serious vulnerabilities
which might be exploited to cause security breaches. These vulnerabilities have been …
Why Johnny can't pentest: An analysis of black-box web vulnerability scanners
Black-box web vulnerability scanners are a class of tools that can be used to identify security
issues in web applications. These tools are often marketed as “point-and-click pentesting” …
Enemy of the state: A state-aware black-box web vulnerability scanner
Black-box web vulnerability scanners are a popular choice for finding security vulnerabilities
in web applications in an automated fashion. These tools operate in a point-and-shoot …
Toward automated detection of logic vulnerabilities in web applications
Web applications are the most common way to make services and data available on the
Internet. Unfortunately, with the increase in the number and complexity of these applications …
XSS-GUARD: precise dynamic prevention of cross-site scripting attacks
This paper focuses on defense mechanisms for cross-site scripting attacks, the top threat on
web applications today. It is believed that input validation (or filtering) can effectively prevent …
CANDID: Dynamic candidate evaluations for automatic prevention of SQL injection attacks
SQL injection attacks are one of the top-most threats for applications written for the Web.
These attacks are launched through specially crafted user inputs, on Web applications that …
Using static analysis for Ajax intrusion detection
We present a static control-flow analysis for JavaScript programs running in a web browser.
Our analysis tackles numerous challenges posed by modern web applications including …
Static Detection of Second-Order Vulnerabilities in Web Applications
J Dahse, T Holz - 23rd USENIX Security Symposium (USENIX Security …, 2014 - usenix.org
Web applications evolved in the last decades from simple scripts to multi-functional
applications. Such complex web applications are prone to different types of security …
A survey on server-side approaches to securing web applications
Web applications are one of the most prevalent platforms for information and service
delivery over the Internet today. As they are increasingly used for critical services, web …