Automated user interaction in application assessment
First Claim
1. A method for performing a vulnerability assessment of a computer application that is accessible through a network as a web application by monitoring user interactions with the computer application through a network application and storing at least portions of the user interactions for playback during a vulnerability assessment, the method comprising the steps of:
invoking a network application used to interact with the computer application through the use of a plurality of winsocks;
searching the network application to discover where at least some of the plurality of winsocks reside in memory;
setting a breakpoint at the start of at least one of the discovered winsocks;
detecting the occurrence of hitting breakpoints as the result of user interactions with the web application through the network application;
in response to each detection of hitting a breakpoint:
suspending operation of the network application;
probing the network application to obtain data identifying the user interactions with the web application;
recording the obtained data as recorded interactions; and
resuming operation of the network application; and
playing back the user interactions to simulate a user interacting with the computer application through the network application, to perform a vulnerability assessment of the web application using the recorded interactions.
Abstract
Various embodiments of systems, methods, software tools, etc. for performing an assessment of an application are provided. One embodiment comprises a method for performing an assessment of a web application. One such method comprises: recording user interactions with a web application; and playing back the user interactions to perform an assessment of the web application.
55 Citations
21 Claims
1. Independent claim 1 is reproduced in full above under First Claim; dependent claims 2 to 6 follow from it.
7. A vulnerability assessment system for assessing the vulnerability of computer applications available over a network as web applications, the system comprising:
a user interaction recorder for capturing interactions between a browser and a web application and storing the interactions in a storage device for future playback, the user interaction recorder being configured to: invoke a network application to interact with the computer application; probe the network application to identify the memory locations of a plurality of functions used to interface with the computer application over the network; set breakpoints at one or more of the identified functions so as to allow the user interaction recorder to assume control over the network application when user interaction with the network application triggers a breakpoint; further probe the network application to record data of user interactions; and return control to the network application; and
a processor running a playback tool for selectively accessing the recorded data of user interactions in the storage device and automatically repeating at least a subset of the recorded user interactions by simulating a user interacting with the computer application with the recorded interactions, for performing a vulnerability assessment of the computer application using the previously recorded user interactions.
Dependent claims 8 to 17 follow from claim 7.
18. A computer application vulnerability assessment system comprising:
means for invoking a network application for interacting with the computer application so that a recording of the user interactions can be captured and stored, the network application being invoked by a user interaction recorder that sets breakpoints at strategic points to detect desired user interactions and to suspend the operation of the network application while recording data indicative of the user interactions; and
means for selectively and automatically retrieving and repeating various portions of the captured user interactions for performing a vulnerability assessment of the computer application.
19. A web application vulnerability assessment system comprising:
a user interaction recorder that invokes and interfaces with a web browser to capture interactions between the web browser and a web application being accessed by the web browser and stores the interactions in a memory storage device, the user interaction recorder interfacing with the web browser by identifying various functions of the web browser that result in network accesses to the web application, setting breakpoints to be triggered upon invoking one or more of these functions, and invoking a debug application to capture the breakpoints and pass control to the user interaction recorder so that it can detect and record the user interactions that resulted in invoking the functions; and
a processor executing a web application assessment agent that can access the recorded user interactions in the memory storage device as input for conducting a vulnerability assessment of the web application.
Dependent claims 20 and 21 follow from claim 19.
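Claims 1, 7 and 19 all describe the same mechanism: hook the browser at the point where it hands a request to the network (the patent does this with a debugger breakpoint on the resolved winsock function, reading the buffer while the browser is suspended), store what was sent, and later replay it against the target with variations. The following is an added example, not the patent's code or any vendor's implementation. It uses the in-process analogue of that hook: a socket wrapper whose send() is the interception point, a recorder that reassembles the captured bytes into HTTP requests, and a playback tool that replays each request once per parameter with that parameter replaced by a probe value. The "browser" session, the fake transport and the two requests are constructed for the example; the probe string and the class and function names are assumptions, not anything the page defines.

```python
"""Record-and-replay of browser HTTP traffic at the socket boundary.

Added example. The real hook in the patent is a breakpoint on the browser's
winsock send function; RecordingSocket.send() plays that role here. Everything
below (transport, requests, probe value) is constructed so it runs offline.
"""
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit


class FakeTransport:
    """Stands in for the real TCP connection (constructed for the example)."""
    def __init__(self):
        self.wire = bytearray()

    def send(self, data):
        self.wire += data
        return len(data)


class RecordingSocket:
    """Hook point: the in-process analogue of a breakpoint on the browser's send()."""
    def __init__(self, transport, recorder):
        self._transport = transport
        self._recorder = recorder

    def send(self, data):
        self._recorder.capture(data)        # "probe" the buffer while suspended
        return self._transport.send(data)   # then "resume" the original call


def parse_http_request(raw):
    """Parse one raw HTTP/1.x request head into a dict the playback tool can mutate."""
    head, _, body = raw.partition(b"\r\n\r\n")
    request_line, *header_lines = head.decode("latin-1").split("\r\n")
    method, target, version = request_line.split(" ")
    headers = dict(line.split(": ", 1) for line in header_lines if line)
    return {"method": method, "target": target, "version": version,
            "headers": headers, "body": body}


class Recorder:
    """Accumulates captured bytes and splits them into complete requests."""
    def __init__(self):
        self._buf = bytearray()
        self.requests = []

    def capture(self, data):
        self._buf += data
        while True:
            end = self._buf.find(b"\r\n\r\n")
            if end < 0:
                return
            req = parse_http_request(bytes(self._buf[:end + 4]))
            length = int(req["headers"].get("Content-Length", 0))
            total = end + 4 + length
            if len(self._buf) < total:
                return  # body not fully sent yet; wait for the next send()
            req["body"] = bytes(self._buf[end + 4:total])
            self.requests.append(req)
            del self._buf[:total]


def serialize(req):
    """Turn a parsed request back into wire bytes for playback."""
    lines = [f"{req['method']} {req['target']} {req['version']}"]
    lines += [f"{k}: {v}" for k, v in req["headers"].items()]
    return ("\r\n".join(lines) + "\r\n\r\n").encode("latin-1") + req["body"]


def playback_variants(req, probe):
    """Yield (parameter name, wire bytes) once per query or form parameter,
    with that parameter set to the probe value and Content-Length corrected."""
    parts = urlsplit(req["target"])
    query = parse_qsl(parts.query, keep_blank_values=True)
    for i, (name, _) in enumerate(query):
        mutated = list(query)
        mutated[i] = (name, probe)
        target = urlunsplit(parts._replace(query=urlencode(mutated)))
        yield name, serialize(dict(req, target=target))
    if req["headers"].get("Content-Type", "").startswith("application/x-www-form-urlencoded"):
        form = parse_qsl(req["body"].decode("latin-1"), keep_blank_values=True)
        for i, (name, _) in enumerate(form):
            mutated = list(form)
            mutated[i] = (name, probe)
            body = urlencode(mutated).encode("latin-1")
            headers = dict(req["headers"], **{"Content-Length": str(len(body))})
            yield name, serialize(dict(req, headers=headers, body=body))


def record_session():
    """Constructed 'browser' session: a GET and a POST sent through the hook."""
    recorder = Recorder()
    sock = RecordingSocket(FakeTransport(), recorder)
    sock.send(b"GET /search?q=hello&page=2 HTTP/1.1\r\nHost: app.example\r\n\r\n")
    form = b"user=alice&pass=secret"
    sock.send(b"POST /login HTTP/1.1\r\nHost: app.example\r\n"
              b"Content-Type: application/x-www-form-urlencoded\r\n"
              + b"Content-Length: %d\r\n\r\n" % len(form))
    sock.send(form)  # body arrives in a second send(), as browsers often do
    return recorder


def assess(recorder, probe="probe'\"<>"):
    """Playback tool: replay every recorded request once per parameter."""
    return [(req["method"], req["target"], name, wire)
            for req in recorder.requests
            for name, wire in playback_variants(req, probe)]


if __name__ == "__main__":
    for method, target, name, wire in assess(record_session()):
        print(method, target, "param:", name, "->", wire.split(b"\r\n")[0])
```

The split between Recorder (which must cope with a body arriving across several send() calls) and playback_variants (which must fix up Content-Length after mutating a form body) is where real implementations of this idea usually break; a replay that ships the original Content-Length with a longer probe body is silently truncated by the server and the finding is missed.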