Sniping at web applications to discover input-handling vulnerabilities
محفوظ في:
| الحاوية / القاعدة: | Journal of Computer Virology and Hacking Techniques vol. 20, no. 4 (Nov 2024), p. 641 |
|---|---|
| المؤلف الرئيسي: | |
| مؤلفون آخرون: | , |
| منشور في: |
Springer Nature B.V.
|
| الموضوعات: | |
| الوصول للمادة أونلاين: | Citation/Abstract Full Text Full Text - PDF |
| الوسوم: |
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
|
| مستخلص: | Web applications play a crucial role in modern businesses, offering various services and often exposing sensitive data that can be enticing to attackers. As a result, there is a growing interest in finding innovative approaches for discovering vulnerabilities in web applications. In the evolving landscape of web security, the realm of fuzz testing has garnered substantial attention for its effectiveness in identifying vulnerabilities. However, existing literature has often underemphasized the nuances of web-centric fuzzing methodologies. This article presents a comprehensive exploration of fuzzing techniques specifically tailored to web applications, addressing the gap in the current research. Our work presents a holistic perspective on web-centric fuzzing, introduces a modular architecture that improves fuzzing effectiveness, demonstrates the reusability of certain fuzzing steps, and offers an open-source software package for the broader security community. By addressing these key contributions, we aim to facilitate advancements in web application security, empower researchers to explore new fuzzing techniques, and ultimately enhance the overall cybersecurity landscape. |
|---|---|
| تدمد: | 2263-8733 1772-9904 1772-9890 |
| DOI: | 10.1007/s11416-024-00518-0 |
| المصدر: | Advanced Technologies & Aerospace Database |