Sniping at web applications to discover input-handling vulnerabilities
保存先:
| 出版年: | Journal of Computer Virology and Hacking Techniques vol. 20, no. 4 (Nov 2024), p. 641 |
|---|---|
| 第一著者: | |
| その他の著者: | , |
| 出版事項: |
Springer Nature B.V.
|
| 主題: | |
| オンライン・アクセス: | Citation/Abstract Full Text Full Text - PDF |
| タグ: |
タグなし, このレコードへの初めてのタグを付けませんか!
|
| 抄録: | Web applications play a crucial role in modern businesses, offering various services and often exposing sensitive data that can be enticing to attackers. As a result, there is a growing interest in finding innovative approaches for discovering vulnerabilities in web applications. In the evolving landscape of web security, the realm of fuzz testing has garnered substantial attention for its effectiveness in identifying vulnerabilities. However, existing literature has often underemphasized the nuances of web-centric fuzzing methodologies. This article presents a comprehensive exploration of fuzzing techniques specifically tailored to web applications, addressing the gap in the current research. Our work presents a holistic perspective on web-centric fuzzing, introduces a modular architecture that improves fuzzing effectiveness, demonstrates the reusability of certain fuzzing steps, and offers an open-source software package for the broader security community. By addressing these key contributions, we aim to facilitate advancements in web application security, empower researchers to explore new fuzzing techniques, and ultimately enhance the overall cybersecurity landscape. |
|---|---|
| ISSN: | 2263-8733 1772-9904 1772-9890 |
| DOI: | 10.1007/s11416-024-00518-0 |
| ソース: | Advanced Technologies & Aerospace Database |