BROWSER BASED METHOD OF ASSESSING WEB APPLICATION VULNERABILITY
Abstract
A novel and useful mechanism and method for assessing the vulnerability of web applications while browsing the application. As a user interacts with the web application, HTTP requests are sent from the browser to the web server. Each HTTP request is analyzed to determine if its associated elements need testing. Vulnerability assessment tests are sent to the server. Test results are then returned to the browser, where they are analyzed, displayed and/or stored in a log file.
25 Claims
1. A method of assessing the vulnerability of a web form, said web form comprising one or more elements loaded from a server to a browser, said method comprising the steps of:
- monitoring one or more HTTP requests transmitted from said browser to said server;
- analyzing said one or more HTTP requests to detect one or more elements to be analyzed;
- executing one or more security vulnerability tests for said one or more elements to be analyzed; and
- displaying the results of said one or more security vulnerability tests.

(Dependent claims: 2, 3, 4, 5, 6, 7, 8)

9. A method of assessing the vulnerability of a web form, said web form comprising one or more elements loaded from a server to a browser, said method comprising the steps of:
- monitoring one or more HTTP requests transmitted from said browser to said server;
- analyzing said one or more HTTP requests to detect one or more elements to be analyzed;
- executing one or more security vulnerability tests for said one or more elements to be analyzed; and
- saving the results of said one or more security vulnerability tests to a log file.

(Dependent claims: 10, 11, 12, 13, 14, 15)

16. A computer program product for assessing the vulnerability of a web form, said web form comprising one or more elements loaded from a server to a browser, the computer program product comprising:
- a computer usable medium having computer usable code embodied therewith, the computer program product comprising;
- computer usable code configured for monitoring one or more HTTP requests transmitted from said browser to said server;
- computer usable code configured for analyzing said one or more HTTP requests to detect one or more elements to be analyzed;
- computer usable code configured for executing one or more security vulnerability tests for said one or more elements to be analyzed; and
- computer usable code configured for displaying any detected the results of said one or more security vulnerability tests.

(Dependent claims: 17, 18, 19, 20)

21. A computer program product for assessing the vulnerability of a web form, said web form comprising one or more elements loaded from a server to a browser, the computer program product comprising:
- a computer usable medium having computer usable code embodied therewith, the computer program product comprising;
- computer usable code configured for monitoring one or more HTTP requests transmitted from said browser to said server;
- computer usable code configured for analyzing said one or more HTTP requests to detect one or more elements to be analyzed;
- computer usable code configured for executing one or more security vulnerability tests for said one or more elements to be analyzed;
- computer usable code configured for saving the results of said one or more security vulnerability tests to a log file; and
- computer usable code configured for displaying said log file.

(Dependent claims: 22, 23, 24, 25)

Specification