System for determining web application vulnerabilities
Abstract
A method for detecting security vulnerabilities in a web application includes analyzing the client requests and server responses resulting therefrom in order to discover pre-defined elements of the application's interface with external clients and the attributes of these elements. The client requests are then mutated based on a pre-defined set of mutation rules to thereby generate exploits unique to the application. The web application is attacked using the exploits and the results of the attack are evaluated for anomalous application activity.
157 Citations
18 Claims
1. A method of detecting security vulnerabilities in an application installed on a computing device, the method comprising:
discovering structure of the application;
detecting one or more potential vulnerabilities associated with the discovered structure;
submitting at least one request to exploit the one or more potential vulnerabilities; and
evaluating an outcome of said submitting to detect a threat level for the one or more potential vulnerabilities.

2. The method of claim 1, wherein the at least one request includes one or more parameters, the method comprising:
analyzing the outcome to alter at least one of the one or more parameters; and
submitting a second request to exploit the one or more potential vulnerabilities, said second request including the at least one altered parameter.

3. The method of claim 1, wherein at least one of said discovering or said submitting is executed at the computing device.

4. The method of claim 1, wherein the computing device is a first computing device, and wherein at least one of said discovering or said submitting is executed on a second computing device that is communicatively coupled to the first computing device.

5. The method of claim 1, comprising:
submitting an HTTP request to execute at least one of said discovering or said submitting.

6. The method of claim 1, comprising:
submitting a request over an application programming interface to the computing device to execute at least one of said discovering or said submitting.

7. The method of claim 1, wherein the application is under development, the method comprising:
executing at least one of said discovering or said submitting during the development of the application.

8. The method of claim 1, wherein said evaluating comprises:
evaluating patterns from the outcome based on known patterns or discovered patterns.

9. The method of claim 1, wherein said evaluating comprises:
evaluating patterns from the outcome based on recognition of a keyword detected from the outcome.

10. The method of claim 1, comprising:
suggesting a corrective measure for mitigating the threat level.

11. A method of detecting security vulnerabilities in an application installed on a computing device, the method comprising:
discovering structure of the application;
detecting one or more potential vulnerabilities associated with the discovered structure;
submitting a first request to exploit the one or more potential vulnerabilities, said first request including one or more parameters;
analyzing an outcome of said submitting the first request to thereby alter at least one of the one or more parameters;
submitting a second request to exploit the one or more potential vulnerabilities, said second request including the at least one altered parameter; and
evaluating an outcome of said submitting the second request to detect a threat level for the one or more potential vulnerabilities.

12. A system for detecting security vulnerabilities, comprising:
an application under test; and
a testing application, wherein said testing application comprises,
first means for discovering a structure of the application under test,
second means for detecting one or more potential vulnerabilities associated with the discovered structure,
third means for submitting at least one request to exploit the one or more potential vulnerabilities, and
fourth means for evaluating an outcome from the third means to detect a threat level for the one or more potential vulnerabilities.

13. The system of claim 12, wherein the application under test and the testing application reside on the same device.

14. The system of claim 12, wherein the application under test and the testing application reside on different devices.

15. The system of claim 12, wherein the application under test resides in a development environment.
16. A computer program product comprising a computer-readable storage medium having computer readable program code functions embedded in said medium for causing a computer to detect security vulnerabilities in an application, the computer program product comprising:
a first computer readable program code function that causes the computer to discover structure of the application;
a second computer readable program code function that causes the computer to detect one or more potential vulnerabilities associated with the discovered structure;
a third computer readable program code function that causes the computer to submit at least one request to exploit the one or more potential vulnerabilities; and
a fourth computer readable program code function that causes the computer to evaluate an outcome from the third computer readable program code function and to detect a threat level for the one or more potential vulnerabilities.

17. The computer program product according to claim 16, wherein the application and the computer program product reside on the same device.

18. The computer program product according to claim 16, wherein the application and the computer program product reside on differing devices.
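The abstract and claims 1, 2, 8, 9, 10 and 11 describe a black-box scanner loop: discover the application's interface (forms and parameters), mutate client requests by rule, submit them, and judge the outcome by keyword or by deviation from a discovered baseline, then refine a parameter and resubmit. The following is an added worked example of that loop, written for this page and not the patent holder's code. The application under test (toy_app), its deliberate flaws, the two mutation rules, the error-keyword pattern and the threat levels are all constructed assumptions; the "server" is an in-process function so the example runs offline with no network.

```python
"""Miniature black-box scanner walking the patent's four steps (constructed example)."""
import re
import sqlite3
from html.parser import HTMLParser

# ---- Constructed application under test (deliberately flawed stand-in, not a real server) ----
_db = sqlite3.connect(":memory:")
_db.execute("CREATE TABLE users(name TEXT, pw TEXT)")
_db.execute("INSERT INTO users VALUES ('alice', 's3cret')")

INDEX_HTML = """
<form action="/login" method="post">
  <input name="user"><input name="pw" type="password">
</form>
<form action="/search" method="get"><input name="q"></form>
"""

def toy_app(path, params):
    """Stand-in for the server: returns (status, body) for one request."""
    if path == "/":
        return 200, INDEX_HTML
    if path == "/login":
        # Flaw 1: SQL built by string formatting; flaw 2: driver error text echoed to the client
        sql = "SELECT name FROM users WHERE name='%s' AND pw='%s'" % (
            params.get("user", ""), params.get("pw", ""))
        try:
            row = _db.execute(sql).fetchone()
        except sqlite3.Error as exc:
            return 500, "Database error: %s" % exc
        if row:
            return 200, "Welcome, %s" % row[0]
        return 200, "Login failed"
    if path == "/search":
        # Flaw 3: user input reflected without HTML encoding
        return 200, "<p>Results for %s</p>" % params.get("q", "")
    return 404, "not found"

# ---- Step 1: discover structure (forms and their parameters from the index response) ----
class FormParser(HTMLParser):
    def __init__(self):
        super().__init__()
        self.forms = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.forms.append({"action": a.get("action", "/"), "params": []})
        elif tag == "input" and self.forms and a.get("name"):
            self.forms[-1]["params"].append(a["name"])

def discover(app):
    _, body = app("/", {})
    parser = FormParser()
    parser.feed(body)
    return parser.forms

# ---- Steps 2-4: mutate by rule, submit, evaluate ----
SQL_ERROR = re.compile(r"(?i)database error|unrecognized token|sql syntax|syntax error")
XSS_MARKER = "<zz9scan>"   # unique token; verbatim reflection means no output encoding
REMEDY = {"sqli": "use parameterized queries and never echo driver errors",   # claim 10
          "xss": "HTML-encode untrusted data on output"}

def scan(app):
    """Returns (action, parameter, kind, threat level) tuples."""
    findings = []
    for form in discover(app):
        benign = dict.fromkeys(form["params"], "test")
        _, baseline = app(form["action"], benign)      # discovered pattern (claim 8)
        for p in form["params"]:
            # Mutation rule 1: a lone quote to provoke an SQL error (first request)
            req = dict(benign, **{p: "'"})
            _, out = app(form["action"], req)
            if SQL_ERROR.search(out):                   # keyword recognition (claim 9)
                level = "MEDIUM"
                # Claims 2/11: alter the same parameter based on the outcome and resubmit
                req[p] = "' OR '1'='1"
                _, out2 = app(form["action"], req)
                if not SQL_ERROR.search(out2) and out2 != baseline:
                    level = "HIGH"                      # query logic was actually changed
                findings.append((form["action"], p, "sqli", level))
            # Mutation rule 2: marker string to detect unencoded reflection
            req = dict(benign, **{p: XSS_MARKER})
            _, out = app(form["action"], req)
            if XSS_MARKER in out:
                findings.append((form["action"], p, "xss", "HIGH"))
    return findings

if __name__ == "__main__":
    for action, param, kind, level in scan(toy_app):
        print(action, param, kind, level, "->", REMEDY[kind])
```

Running it reports the user parameter as MEDIUM (the quote breaks the query, but the tautology lands inside an AND and does not change the result), the pw parameter as HIGH (the second request logs in as alice), and q as reflected. The baseline comparison in the second request is the weak point of any such oracle: a page that varies per request (timestamps, CSRF tokens) will differ from its baseline for innocent reasons, so a production scanner normalises or repeats the baseline before trusting the "differs" signal.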