SAFELI ? SQL Injection Scanner Using Symbolic Execution

This paper presents the current progress, main algorithm, and the open problems of a tool set called "SAFELI," for detecting SQL Injection vulnerabilities resident in Web applications. SAFELI instruments the byte code of Java Web applications and utilizes symbolic execution to statically inspect security vulnerabilities. At each location that submits SQL query, an equation is constructed to find out the initial values of Web controls that lead to the breach of database security. The equation is solved by a hybrid string solver where the solution obtained is used to construct test cases.