Websites written in ASP.NET might contain security vulnerabilities that are not seen to the owner of the website. This paper describes an algorithm that aims in the detection of security vulnerabilities. The suggested algorithm performs a scanning process for all website/ application files. Our scanner tool relies on studying the source code of the application depending on ASP.NET files and the code behind files (Visual Basic VB and C sharp C#). A program written for this purpose is to generate a report that describes most leaks and vulnerabilities types (by mentioning the file name, leak description and its location). The suggested algorithm will help organization to fix the vulnerabilities and improve the overall security.
展开▼