Sniping at web applications to discover input-handling vulnerabilities
Guardado en:
| Udgivet i: | Journal of Computer Virology and Hacking Techniques vol. 20, no. 4 (Nov 2024), p. 641 |
|---|---|
| Hovedforfatter: | |
| Andre forfattere: | , |
| Udgivet: |
Springer Nature B.V.
|
| Fag: | |
| Online adgang: | Citation/Abstract Full Text Full Text - PDF |
| Tags: |
Ingen Tags, Vær først til at tagge denne postø!
|
| Resumen: | Web applications play a crucial role in modern businesses, offering various services and often exposing sensitive data that can be enticing to attackers. As a result, there is a growing interest in finding innovative approaches for discovering vulnerabilities in web applications. In the evolving landscape of web security, the realm of fuzz testing has garnered substantial attention for its effectiveness in identifying vulnerabilities. However, existing literature has often underemphasized the nuances of web-centric fuzzing methodologies. This article presents a comprehensive exploration of fuzzing techniques specifically tailored to web applications, addressing the gap in the current research. Our work presents a holistic perspective on web-centric fuzzing, introduces a modular architecture that improves fuzzing effectiveness, demonstrates the reusability of certain fuzzing steps, and offers an open-source software package for the broader security community. By addressing these key contributions, we aim to facilitate advancements in web application security, empower researchers to explore new fuzzing techniques, and ultimately enhance the overall cybersecurity landscape. |
|---|---|
| ISSN: | 2263-8733 1772-9904 1772-9890 |
| DOI: | 10.1007/s11416-024-00518-0 |
| Fuente: | Advanced Technologies & Aerospace Database |