Sniping at web applications to discover input-handling vulnerabilities
Uloženo v:
| Vydáno v: | Journal of Computer Virology and Hacking Techniques vol. 20, no. 4 (Nov 2024), p. 641 |
|---|---|
| Hlavní autor: | |
| Další autoři: | , |
| Vydáno: |
Springer Nature B.V.
|
| Témata: | |
| On-line přístup: | Citation/Abstract Full Text Full Text - PDF |
| Tagy: |
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
|
| Abstrakt: | Web applications play a crucial role in modern businesses, offering various services and often exposing sensitive data that can be enticing to attackers. As a result, there is a growing interest in finding innovative approaches for discovering vulnerabilities in web applications. In the evolving landscape of web security, the realm of fuzz testing has garnered substantial attention for its effectiveness in identifying vulnerabilities. However, existing literature has often underemphasized the nuances of web-centric fuzzing methodologies. This article presents a comprehensive exploration of fuzzing techniques specifically tailored to web applications, addressing the gap in the current research. Our work presents a holistic perspective on web-centric fuzzing, introduces a modular architecture that improves fuzzing effectiveness, demonstrates the reusability of certain fuzzing steps, and offers an open-source software package for the broader security community. By addressing these key contributions, we aim to facilitate advancements in web application security, empower researchers to explore new fuzzing techniques, and ultimately enhance the overall cybersecurity landscape. |
|---|---|
| ISSN: | 2263-8733 1772-9904 1772-9890 |
| DOI: | 10.1007/s11416-024-00518-0 |
| Zdroj: | Advanced Technologies & Aerospace Database |