Skip to main content

Next Generation Black-Box Web Application Vulnerability Analysis Framework

Abstract Web applications are an incredibly important aspect of our modern lives. Organizations

and developers use automated vulnerability analysis tools, also known as

scanners, to automatically find vulnerabilities in their web applications during development.

Scanners have traditionally fallen into two types of approaches: black-box

and white-box. In the black-box approaches, the scanner does not have access to the

source code of the web application whereas a white-box approach has access to the

source code. Today’s state-of-the-art black-box vulnerability scanners employ various

methods to fuzz and detect vulnerabilities in a web application. However, these

scanners attempt to fuzz the web application with a number of known payloads and
... (more)
Created Date 2017
Contributor Khairnar, Tejas (Author) / Doupé, Adam (Advisor) / Ahn, Gail-Joon (Committee member) / Zhao, Ziming (Committee member) / Arizona State University (Publisher)
Subject Computer science / Black-Box / Cross Site Scripting / Inductive Reverse Engineering / Static Program Analysis / Vulnerability Scanner / XSS
Type Masters Thesis
Extent 47 pages
Language English
Reuse Permissions All Rights Reserved
Note Masters Thesis Computer Science 2017
Collaborating Institutions Graduate College / ASU Library
Additional Formats MODS / OAI Dublin Core / RIS

  Full Text
801.2 KB application/pdf
Download Count: 607

Description Dissertation/Thesis