INTEGRATED CRAWLING AND AUDITING OF WEB APPLICATIONS AND WEB CONTENT
First Claim
Patent Images
1. A method for performing a vulnerability assessment of a target object, the method comprising the steps of:
- identifying a target object to assess;
initiating a crawling process on the identified object;
storing the results of the crawling process into a memory storage device;
initiating an audit process while the crawling process is still in operation;
extracting the stored results of the crawling process from the memory storage device and providing them to the audit process.
10 Assignments
0 Petitions
Accused Products
Abstract
A vulnerability assessment tool that is operative to analyze web sites by simultaneously operating a crawling process and an audit process. Once the crawling process is invoked, the results are provided to the audit process. The audit process, rather than waiting until the crawl process is completed, simultaneously audits the web site based on the already provided crawl results. The results of the audit are also fed back to the crawl process to further enhance the crawl.
89 Citations
20 Claims
-
1. A method for performing a vulnerability assessment of a target object, the method comprising the steps of:
-
identifying a target object to assess;
initiating a crawling process on the identified object;
storing the results of the crawling process into a memory storage device;
initiating an audit process while the crawling process is still in operation;
extracting the stored results of the crawling process from the memory storage device and providing them to the audit process. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for assessing the vulnerability of a target object, the system comprising:
-
a memory device;
a crawler process, communicatively coupled to the memory device and operative to conduct a crawl of the target object and store the results of the crawl into the memory device;
a scanner process, communicatively coupled to the crawler process and being operative to invoke the crawler process by providing the identity of the target object;
an audit process, communicatively coupled to the memory device and operative to conduct an audit simultaneously with the operation of the crawler process by extracting the results of the crawl from the memory device; and
a plurality of audit engines invoked by the audit process and operative to perform various attacks on the target object. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
-
-
19. A method for performing a vulnerability assessment of a target object and providing results thereof to a user, the method comprising the steps of:
-
receiving input identifying a target object to assess;
conducting a crawling process on the identified object;
storing the results of the crawling process into a memory storage device;
conducting an audit process while the crawling process is still in operation;
extracting the stored results of the crawling process from the memory storage device and providing them to the audit process. storing the results of the audit process into the memory storage device; and
extracting the stored results of the audit process from the memory storage device and providing them to the crawling process for further crawling. - View Dependent Claims (20)
-
Specification