Securing web applications from injection and logic vulnerabilities: Approaches and challenges
Context: Web applications are trusted by billions of users for performing day-to-day activities.
Accessibility, availability and omnipresence of web applications have made them a prime …
Stram: Measuring the trustworthiness of computer-based systems
Various system metrics have been proposed for measuring the quality of computer-based
systems, such as dependability and security metrics for estimating their performance and …
Automated dynamic firmware analysis at scale: a case study on embedded web interfaces
Embedded devices are becoming more widespread, interconnected, and web-enabled than
ever. However, recent studies showed that embedded devices are far from being secure …
Toss a fault to your witcher: Applying grey-box coverage-guided mutational fuzzing to detect SQL and command injection vulnerabilities
Black-box web application vulnerability scanners attempt to automatically identify
vulnerabilities in web applications without access to the source code. However, they do so …
Security testing: A survey
Identifying vulnerabilities and ensuring security functionality by security testing is a widely
applied measure to evaluate and improve the security of software. Due to the openness of …
Hackers vs. testers: A comparison of software vulnerability discovery processes
Identifying security vulnerabilities in software is a critical task that requires significant human
effort. Currently, vulnerability discovery is often the responsibility of software testers before …
Model-based vulnerability testing for web applications
F Lebeau, B Legeard, F Peureux… - 2013 IEEE Sixth …, 2013 - ieeexplore.ieee.org
This paper deals with an original approach to automate Model-Based Vulnerability Testing
(MBVT) for Web applications, which aims at improving the accuracy and precision of …
Enemy of the state: A state-aware black-box web vulnerability scanner
Black-box web vulnerability scanners are a popular choice for finding security vulnerabilities
in web applications in an automated fashion. These tools operate in a point-and-shoot …
An observational investigation of reverse engineers' processes
Reverse engineering is a complex process essential to software-security tasks such as
vulnerability discovery and malware analysis. Significant research and engineering effort …
A systematic literature review on the characteristics and effectiveness of web application vulnerability scanners
S Alazmi, DC De Leon - IEEE Access, 2022 - ieeexplore.ieee.org
Web applications have been a significant target for successful security breaches in the last
few years. They are currently secured, as a primary method, by searching for their …