Web Application Vulnerability Scanner

US 20100293616A1
Filed: 05/15/2009
Published: 11/18/2010
Est. Priority Date: 05/15/2009
Status: Active Grant

First Claim

Patent Images

1. A method of detecting website vulnerabilities;

connecting to a website;

retrieving a webpage from the website;

identifying a link within the retrieved webpage;

comparing the identified link to a known database of links to determine a unique link;

requesting the unique link from a server;

generating an attack string directed to the requested unique link; and

identifying security vulnerabilities within the requested unique link.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a method for quickly indentifying vulnerabilities in web applications. The method determines website links of interest and evaluates sites for web application vulnerabilities. Both in the selection of links and in their evaluation the method employs various heuristics to enforce a fast evaluation while requiring minimal resources to run.

56 Citations

View as Search Results

20 Claims

1. A method of detecting website vulnerabilities;
- connecting to a website;
  
  retrieving a webpage from the website;
  
  identifying a link within the retrieved webpage;
  
  comparing the identified link to a known database of links to determine a unique link;
  
  requesting the unique link from a server;
  
  generating an attack string directed to the requested unique link; and
  
  identifying security vulnerabilities within the requested unique link.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of detecting website vulnerabilities of claim 1, further including ending the retrieval of webpages and identification of links therein upon the occurrence of an end condition.
  - 3. The method of detecting website vulnerabilities of claim 2, wherein the end conditions are selected from the group consisting essentially of a time based event, a determined number of examined links event and a lack of new webpages to crawl.
  - 4. The method of detecting website vulnerabilities of claim 3, wherein the time based event is between about 5 to 15 minutes.
  - 5. The method of detecting website vulnerabilities of claim 3, wherein the determined number of examined links event is between about 300 to 700 links.
  - 6. The method of detecting website vulnerabilities of claim 1, wherein the generated attack string instructs to evoke a plurality errors.
  - 7. The method of detecting website vulnerabilities of claim 6, wherein the generated attack string instructs a plurality of errors is selected from two or more of the vectors groups essentially consisting of structured query languages (SQL), cross-site scripting (XSS), remote file inclusion (RFI) and combinations thereof.
  - 8. The method of detecting website vulnerabilities of claim 1, wherein the known database is comprised of links previously found and identified, and disposing of links determined not to be unique and characterizing and storing the unique links.
  - 9. The method of detecting website vulnerabilities of claim 1, wherein determining the unique link includes evaluating a degree of uniqueness when compared to the known database.
  - 10. The method of detecting website vulnerabilities of claim 9, further including comparing the determined uniqueness to a uniqueness threshold in determining the unique link.

11. A method of detecting website vulnerabilities;
- connecting to a website;
  
  retrieving a webpage from the website;
  
  identifying a link within the retrieved webpage;
  
  comparing the identified link to a known database of links to determine a unique link;
  
  disposing of links determined not to be unique and characterizing and storing the unique links;
  
  ending the retrieval of webpages and identification of links therein upon the occurrence of an end condition being selected from the group consisting essentially of a time based event, a determined number of examined links event and a lack of new webpages to crawl;
  
  requesting the unique link from a server;
  
  generating an attack string directed to the requested unique link; and
  
  identifying security vulnerabilities within the requested unique link.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The method of detecting website vulnerabilities of claim 11, wherein the time based event is between about 5 to 15 minutes.
  - 13. The method of detecting website vulnerabilities of claim 11 wherein the determined number of examined links event is between about 300 to 700 links.
  - 14. The method of detecting website vulnerabilities of claim 11, wherein the generated attack string instructs to evoke a plurality errors.
  - 15. The method of detecting website vulnerabilities of claim 14, wherein the generated attack string instructs a plurality of errors is selected from two or more of the vectors groups essentially consisting of structured query languages (SQL), cross-site scripting (XSS), remote file inclusion (RFI) and combinations thereof.
  - 16. The method of detecting website vulnerabilities of claim 11, wherein determining the unique link includes evaluating a degree of uniqueness when compared to the known database, wherein the determined uniqueness to a uniqueness threshold in determining the unique link.

17. A method of detecting website vulnerabilities;
- connecting to a website;
  
  retrieving a webpage from the website;
  
  identifying a link within the retrieved webpage;
  
  comparing the identified link to a known database of links to determine a unique link;
  
  ending the retrieval of webpages and identification of links therein upon the occurrence of an end condition selected from the group consisting essentially of a time based event, a determined number of examined links event and a lack of new webpages to crawl;
  
  requesting the unique link from a server;
  
  generating an attack string directed to the requested unique link, wherein the generated attack string instructs a plurality of errors is selected from two or more of the vectors groups essentially consisting of structured query languages (SQL), cross-site scripting (XSS), remote file inclusion (RFI) and combinations thereof; and
  
  identifying security vulnerabilities within the requested unique link.
- View Dependent Claims (18, 19, 20)
- - 18. The method of detecting website vulnerabilities of claim 17, wherein determining the unique link includes evaluating a degree of uniqueness when compared to the known database and disposing of links not determined to be unique and characterizing and storing the unique links
  - 19. The method of detecting website vulnerabilities of claim 17, further including comparing the determined uniqueness to a uniqueness threshold in determining the unique link.
  - 20. The method of detecting website vulnerabilities of claim 17, wherein the time based event is between about 5 to 15 minutes and the determined number of examined links event is between about 300 to 700 links.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Controlscan Incorporated
Original Assignee
Controlscan Incorporated
Inventors
Young, Frederick

Granted Patent

US 8,365,290 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 21/564   by virus signature recognition

G06F 21/577   Assessing vulnerabilities a...

H04L 63/1433   Vulnerability analysis

Web Application Vulnerability Scanner

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

56 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Web Application Vulnerability Scanner

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

56 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links