DETECTING AND MONITORING SERVER SIDE STATES DURING WEB APPLICATION SCANNING
Abstract
A computer-implemented method, system, and computer program product for detecting and monitoring server side state during the scanning of a web application. The method includes: monitoring executed code of the web application while scanning the web application; retrieving code coverage information from the monitoring of the executed code and retrieving scanning information from the scanning of the web application; correlating the code coverage information with the scanning information; and determining a change in the server side state based on the correlation. The system includes one or more devices that execute the steps of the method. The computer program product includes computer program instructions stored on a computer readable storage medium, where the instructions, when executed, will cause a computer to perform the steps of the method.
19 Claims
1. A computer-implemented method of detecting and monitoring server side state during the scanning of a web application, the method comprising:
- monitoring executed code of said web application while scanning said web application;
- retrieving code coverage information from said monitoring of said executed code and retrieving scanning information from said scanning of said web application;
- correlating said code coverage information with said scanning information; and
- determining a change in said server side state based on said correlation.

Dependent claims: 2, 3, 4, 5, 17

6. A computer-implemented method of detecting and monitoring server side state during the scanning of a web application, the method comprising:
- monitoring executed code of said web application while scanning said web application;
- retrieving code coverage information from said monitoring of said executed code and retrieving scanning information from said scanning of said web application; and
- determining, based on said code coverage information and said scanning information, if a specified portion of the web application code was executed.

Dependent claims: 7, 15, 18

8. A computer-implemented method of detecting and monitoring server side state during the scanning of a web application, the method comprising:
- sending a request to said web application while monitoring executed code of said web application and scanning said web application;
- receiving a response to said request;
- retrieving code coverage information from said monitoring of said executed code and retrieving scanning information from said scanning of said web application;
- extracting, from said code coverage information, said part of said executed code that was executed between the time when said request was sent and when said response was received;
- mapping said part of said executed code to said request to establish a relationship between said part of said executed code and said request;
- retrieving the part of previously executed code on said web application that was executed between the time when a previous request was sent and when a previous response was received, wherein said request is the same as said previous request; and
- determining if said part of previously executed code is different from said part of said executed code that was executed between the time when said request was sent and when said response was received.

Dependent claims: 9, 16, 19

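The comparison in claim 8, as an added Python example (not code from the patent): coverage events are sliced by each request's send/receive window, mapped to that request, and compared with the slice recorded for the previous identical request. The event format, the names `Exchange`, `covered_between` and `correlate`, the sample data, and the assumption that the scanner sends requests serially on a clock shared with the coverage monitor are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Exchange:
    """One scanner request/response pair (the 'scanning information')."""
    request: str      # canonical form of the request, e.g. "GET /cart"
    sent: float       # time the request was sent
    received: float   # time the response was received

def covered_between(events, start, end):
    """Code units the coverage monitor saw executing inside [start, end]."""
    return frozenset(unit for ts, unit in events if start <= ts <= end)

def correlate(exchanges, events):
    """Map each exchange to its coverage slice and diff it against the slice
    of the previous identical request. Returns one finding per difference:
    (request, sent_time, newly_executed_units, no_longer_executed_units)."""
    last_seen = {}    # request -> coverage slice of its most recent occurrence
    findings = []
    for ex in sorted(exchanges, key=lambda e: e.sent):
        cov = covered_between(events, ex.sent, ex.received)
        prev = last_seen.get(ex.request)
        if prev is not None and prev != cov:
            findings.append((ex.request, ex.sent,
                             sorted(cov - prev), sorted(prev - cov)))
        last_seen[ex.request] = cov
    return findings

# Constructed sample data: (timestamp, "file:function") coverage events.
EVENTS = [
    (1.05, "cart.py:view"), (1.10, "cart.py:render_empty"),
    (2.05, "cart.py:add"),  (2.20, "db.py:insert"),
    (3.05, "cart.py:view"), (3.10, "cart.py:render_items"),
    (4.05, "cart.py:view"), (4.10, "cart.py:render_items"),
]
# Constructed scan log: the same GET is issued before and after a POST.
EXCHANGES = [
    Exchange("GET /cart", 1.0, 1.2),
    Exchange("POST /cart/add", 2.0, 2.3),
    Exchange("GET /cart", 3.0, 3.2),
    Exchange("GET /cart", 4.0, 4.2),
]

if __name__ == "__main__":
    for request, sent, added, dropped in correlate(EXCHANGES, EVENTS):
        print(f"{request} @ {sent}: +{added} -{dropped}")
```

In this sample the second `GET /cart` executes different code than the first, which the example treats as the sign of a server side state change in between; the third `GET /cart` matches the second and produces no finding.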
10. A computer-implemented system for detecting and monitoring server side state during the scanning of a web application comprising:
- a monitoring unit for monitoring executed code of said web application while scanning said web application;
- an information retrieving unit for retrieving code coverage information from said monitoring of said executed code and for retrieving scanning information from said scanning of said web application;
- a correlating unit for correlating said code coverage information with said scanning information; and
- a server side state analyzing unit for determining a change in said server side state based on said correlation.

Dependent claims: 11, 12, 13, 14

Specification