首页>
外国专利>
AUTOMATED FUZZING BASED ON ANALYSIS OF APPLICATION EXECUTION FLOW
AUTOMATED FUZZING BASED ON ANALYSIS OF APPLICATION EXECUTION FLOW
展开▼
机译:基于应用执行流分析的自动模糊
展开▼
页面导航
摘要
著录项
相似文献
摘要
Described herein is a system and method for identifying a vulnerability of an application (e.g., web application). A message comprising a request and associated execution flow of the application in response to the request is received. The message is analyzed to determine whether the execution flow includes a function pre-defined as interesting. In response to determining that the execution flow includes the function pre-defined as interesting, a determination is made that the function pre-defined as interesting comprises a vulnerability of the application. In response to determining that the function pre-defined as interesting comprises a vulnerability of the application, an action is taken with respect to the vulnerability. The action can include, for example, providing information regarding the identified vulnerability and/or blocking execution of particular code of the application.
展开▼