State of the Art: Automated Black-Box Web Application Vulnerability Testing

Black-box web application vulnerability scanners are automated tools that probe web applications for security vulnerabilities. In order to assess the current state of the art, the authors obtained access to eight leading tools and carried out a study of: the class of vulnerabilities tested by these scanners, their effectiveness against target vulnerabilities, and the relevance of the target vulnerabilities to vulnerabilities found in the wild. To conduct their study they used a custom web application vulnerable to known and projected vulnerabilities, and previous versions of widely used web applications containing known vulnerabilities.

Provided by: Stanford University Topic: Security Date Added: Mar 2010 Format: PDF

Download Now

Find By Topic