SecuBat: a web vulnerability scanner
Proceedings of the 15th international conference on World Wide Web
Web Application Security Assessment Tools
IEEE Security and Privacy
Multi-module vulnerability analysis of web-based applications
Proceedings of the 14th ACM conference on Computer and communications security
Leveraging User Interactions for In-Depth Testing of Web Applications
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
SS'08 Proceedings of the 17th conference on Security symposium
To catch a predator: a natural language approach for eliciting malicious payloads
SS'08 Proceedings of the 17th conference on Security symposium
Exploring the relationship betweenweb application development tools and security
WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
SENTINEL: securing database from logic flaws in web applications
Proceedings of the second ACM conference on Data and Application Security and Privacy
Automated detection of client-state manipulation vulnerabilities
Proceedings of the 34th International Conference on Software Engineering
Enemy of the state: a state-aware black-box web vulnerability scanner
Security'12 Proceedings of the 21st USENIX conference on Security symposium
STING: finding name resolution vulnerabilities in programs
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Recording and replaying navigations on AJAX web sites
ICWE'12 Proceedings of the 12th international conference on Web Engineering
From model-checking to automated testing of security protocols: bridging the gap
TAP'12 Proceedings of the 6th international conference on Tests and Proofs
EARs in the wild: large-scale analysis of execution after redirect vulnerabilities
Proceedings of the 28th Annual ACM Symposium on Applied Computing
A survey on server-side approaches to securing web applications
ACM Computing Surveys (CSUR)
A brief history of web crawlers
CASCON '13 Proceedings of the 2013 Conference of the Center for Advanced Studies on Collaborative Research
Automated black-box detection of access control vulnerabilities in web applications
Proceedings of the 4th ACM conference on Data and application security and privacy
| Hi-index | 0.02 |
Black-box web vulnerability scanners are a class of tools that can be used to identify security issues in web applications. These tools are often marketed as "point-and-click pentesting" tools that automatically evaluate the security of web applications with little or no human support. These tools access a web application in the same way users do, and, therefore, have the advantage of being independent of the particular technology used to implement the web application. However, these tools need to be able to access and test the application's various components, which are often hidden behind forms, JavaScript-generated links, and Flash applications. This paper presents an evaluation of eleven black-box web vulnerability scanners, both commercial and open-source. The evaluation composes different types of vulnerabilities with different challenges to the crawling capabilities of the tools. These tests are integrated in a realistic web application. The results of the evaluation show that crawling is a task that is as critical and challenging to the overall ability to detect vulnerabilities as the vulnerability detection techniques themselves, and that many classes of vulnerabilities are completely overlooked by these tools, and thus research is required to improve the automated detection of these flaws.