Vulnerability assessment of web applications - a testing approach

机译：Web应用程序的漏洞评估 - 测试方法

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Cyber security is becoming an important aspect in every industry like in banking sector, power and automation sectors. Servers are critical assets in these industries where business critical sensitive data is stored. These servers often incorporates web servers in them through which any business data and operations are performed remotely. Hence, it is obvious that for a reliable operation, security of web servers is very imperative. This paper provides a new testing approach for vulnerability assessment of web applications by means of analyzing and using a combined set of tools to address a wide range of security issues. We demonstrate the vulnerability assessment tests of a web application by using combination of W3AF and Nikto tools. It shows how with a combination of tools, one can increase the vulnerability testing coverages for web applications, considering the OWASP Top 10 [1] based threat modelling of web applications.

机译：网络安全正在成为银行业，动力和自动化领域等每个行业的一个重要方面。服务器是存储业务临界敏感数据的这些行业的关键资产。这些服务器通常包含它们中的Web服务器，通过哪些业务数据和操作远程执行。因此，显而易见的是，对于可靠的操作，Web服务器的安全性非常势在一体。本文通过分析和使用组合组工具提供了一种新的Web应用程序漏洞评估的新测试方法，以解决广泛的安全问题。我们通过使用W3AF和Nikto Tools的组合来演示Web应用程序的漏洞评估测试。它显示了如何组合工具，可以提高Web应用程序的漏洞测试覆盖范围，考虑到基于Web应用程序的威胁建模的OWASP Top 10 [1]。

著录项

来源
《International Conference on e-Technologies and Networks for Development》|2015年||共6页
会议地点
作者
Vibhandik Robert; Bose Arijit Kumar;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类计算机网络;
关键词
Internet; file servers; program testing; security of data; Nikto tools; OWASP Top 10 based threat modelling; W3AF; Web application vulnerability assessment; Web server security; cyber security; testing approach; vulnerability testing; Business; Decision support systems; Industries; Security; Testing; Web servers; AppScan; BurpSuite; OWASP; nikto; penetration testing security; security assessment tools; threat modelling; vulenrability assessment; w3af; web server;

机译：互联网;文件服务器;数据的安全性;数据的安全性;Nikto工具;OWASP基于10个基于10个的威胁建模;W3AF;Web应用程序漏洞评估;网络服务器安全;网络安全;测试方法;漏洞测试;业务;决策支持系统;行业;安全;测试;网络服务器;Appscan;康斯劳;OWASP;尼克托;渗透测试安全;安全评估工具;威胁建模;远离性评估;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF;W3AF）;

相似文献

外文文献
中文文献
专利

1. Automatic Generation of Tests to Exploit XML Injection Vulnerabilities in Web Applications [J] . Jan Sadeeq, Panichella Annibale, Arcuri Andrea, IEEE Transactions on Software Engineering . 2019,第4期

机译：自动生成测试以利用Web应用程序中的XML注入漏洞
2. Correction to: Search-based multi-vulnerability testing of XML injections in web applications [J] . Jan Sadeeq, Panichella Annibale, Arcuri Andrea, Empirical Software Engineering . 2019,第6期

机译：更正为：Web应用程序中基于注入的基于搜索的XML注入的多漏洞测试
3. Search-based multi-vulnerability testing of XML injections in web applications [J] . Jan Sadeeq, Panichella Annibale, Arcuri Andrea, Empirical Software Engineering . 2019,第6期

机译：Web应用程序中基于注入的基于搜索的XML注入的多漏洞测试
4. Vulnerability assessment of web applications - a testing approach [C] . Vibhandik Robert, Bose Arijit Kumar International Conference on e-Technologies and Networks for Development . 2015

机译：Web应用程序的漏洞评估-一种测试方法
5. Automatic Unit Testing to Detect Security Vulnerabilities in Web Applications [D] . Mohammadi, Mahmoud. 2018

机译：自动单元测试以检测Web应用程序中的安全漏洞
6. Search-based multi-vulnerability testing of XML injections in web applications [O] . Sadeeq Jan, Annibale Panichella, Andrea Arcuri, -1

机译：Web应用程序中基于注入的基于搜索的XML注入的多漏洞测试
7. Security Testing of Web Applications: a Search Based Approach for Cross-Site Scripting Vulnerabilities [O] . Andrea Avancini, Mariano Ceccato 2014

机译：Web应用程序的安全性测试：基于搜索的跨站点脚本漏洞方法

Vulnerability assessment of web applications - a testing approach

摘要

著录项

相似文献

相关主题

期刊订阅