System for determining web application vulnerabilities
Abstract
A method for detecting security vulnerabilities in a web application includes analyzing the client requests and server responses resulting therefrom in order to discover pre-defined elements of the application's interface with external clients and the attributes of these elements. The client requests are then mutated based on a pre-defined set of mutation rules to thereby generate exploits unique to the application. The web application is attacked using the exploits and the results of the attack are evaluated for anomalous application activity.
241 Citations
43 Claims
1. A method for detecting security vulnerabilities in a web application executing on a web server or web application server, the method comprising:
    actuating the application in order to discover pre-defined elements of the application's interface with external clients;
    generating client requests having unauthorized values for said elements in order to generate exploits unique to the application;
    attacking the application using the exploits; and
    evaluating the results of the attack.
    (Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)

13. A method for detecting security vulnerabilities in a hypertext-based web application installed on a web server or web application server, the method comprising:
    traversing the application in order to discover and actuate links therein;
    analyzing messages that flow or would flow between an authorized client and the web server in order to discover elements of the application's interface with external clients and attributes of said elements;
    generating unauthorized client requests in which said elements are mutated;
    sending the mutated client requests to the server; and
    receiving server responses to the unauthorized client requests and evaluating the results thereof.
    (Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)

30. A scanner for detecting security vulnerabilities in an HTML-based web application installed on a web server or web application server, the scanner comprising:
    a crawling engine for traversing the application in order to discover and actuate links therein;
    an analysis engine for analyzing messages that flow or would flow between an authorized client and the web server in order to discover elements of the application's interface with external clients and attributes of said elements and for generating unauthorized client requests in which said elements are mutated; and
    an attack engine for sending the mutated client requests to the server, receiving server responses to the unauthorized client requests and evaluating the results thereof.
    (Dependent claims: 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)

41. A crawling engine for automatically traversing a hypertext-based web site, comprising:
    means for sending a client request in order to receive a server response;
    means for parsing the response in order to discover links encapsulated therein;
    means for actuating one or more discovered links in accordance with authorized client functionality in order to receive one or more server responses from which one or more additional client requests are generated; and
    means for automatically supplying values to user-interactive parameters in the additional client requests, if required.
    (Dependent claims: 42, 43)
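The crawl, analyse, mutate and evaluate pipeline that claims 1, 13 and 30 describe, as an added illustration that is not the patent's own code: the analysis engine parses a constructed HTML page for links and form elements with their attributes, the mutation rules derive unauthorized requests from those attributes (an overlong value against a maxlength, a tampered hidden field, a dropped parameter), and the attack engine sends them through a caller-supplied transport `send(action, params)` (an assumed interface, stubbed in a test) and flags responses that look like a crash or error leak rather than a clean rejection.

```python
from html.parser import HTMLParser

# Constructed sample page standing in for a crawled server response (not from the patent).
SAMPLE_PAGE = ('<a href="/account">Account</a><form action="/transfer" method="post">'
               '<input type="hidden" name="account_id" value="1001">'
               '<input type="text" name="amount" maxlength="6"><input type="submit"></form>')

class InterfaceParser(HTMLParser):
    """Analysis engine: collects links and form input elements with their attributes."""
    def __init__(self):
        super().__init__()
        self.links, self.forms, self._form = [], [], None
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and "href" in a:
            self.links.append(a["href"])                 # crawling engine follows these
        elif tag == "form":
            self._form = {"action": a.get("action", ""), "fields": []}
            self.forms.append(self._form)
        elif tag == "input" and self._form is not None and "name" in a:
            self._form["fields"].append(a)               # keep every attribute for the rules

def mutate(form):
    """Mutation rules: each yields one unauthorized request derived from discovered attributes."""
    base = {f["name"]: f.get("value", "1") for f in form["fields"] if f.get("type") != "submit"}
    for f in form["fields"]:
        name, kind = f["name"], f.get("type", "text")
        if "maxlength" in f:                             # rule: exceed the client-side length limit
            yield "overlong:" + name, {**base, name: "9" * (int(f["maxlength"]) + 1)}
        if kind == "hidden":                             # rule: alter a value the client must not edit
            yield "hidden_tamper:" + name, {**base, name: base[name] + "1"}
        yield "missing:" + name, {k: v for k, v in base.items() if k != name}  # rule: drop it

def evaluate(status, body):
    """Anomalous if the server crashes or leaks an error instead of rejecting the request cleanly."""
    return status >= 500 or "Traceback" in body or "SQL" in body

def scan(page_html, send):
    """Run all engines; send(action, params) -> (status, body) is the caller's transport."""
    parser = InterfaceParser()
    parser.feed(page_html)
    findings = []
    for form in parser.forms:
        for label, params in mutate(form):
            status, body = send(form["action"], params)
            if evaluate(status, body):
                findings.append((form["action"], label))
    return parser.links, findings
```

A real scanner would queue the returned links for the crawling engine and use an HTTP client as `send`; the anomaly test above is the minimal one and would normally be extended with response-diffing against the authorized baseline request.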
Specification