study

State of the Art Automated Black-Box Web Application Vulnerability Testing

By , , ,   @S&P 2010
0 reaction(s) | 1410 downloads
We evaluate the effectiveness of the most popular web automated vulnerability scanners and analyze how effective they are at detecting various vulnerabilities (XSS, CSRF, SQLi…). We also test how good they are at crawling websites and discovering non-standard links (flash, java, AJAX)
You liked it, share it !
Downloads
paper
slides
You might also like reading

Embedded devices 2009

XCS cross channel scripting and its impact on web applications

Clickjacking 2010

Busting Frame Busting a Study of Clickjacking Vulnerabilities on Popular Sites

Blog 2011

Analyzing web application performance

Embedded devices 2010

The emergence of cross channel scripting

Captcha 2010

How Good are Humans at Solving CAPTCHAs A Large Scale Evaluation
Comments
About me
Researcher at Google, specializing in Internet security and privacy.
Latest blog posts
Latest social News
1 day ago
New "tool": HULK, Web Server DoS Tool - http://t.co/dWlcrq2v #security #pentesting #web
3 days ago
New survey: 19% of users use their browser private mode - http://t.co/2BTgm6SA #security #privacy #infosec #smo
3 days ago
19% of users use their browser private mode - http://t.co/ed2NqpaZ #security #privacy #infosec
4 days ago
Blizzard fixing GAME Australia's bankruptcy mess, giving Diablo 3 to those who preordered - http://t.co/JjpVm5X5 #d3 #diablo #diablo3
6 days ago
SessionJuggler Secure Web Login from an Untrusted Terminal Using Session Hijacking - http://t.co/IRQsBcVY #security #infosec #www2012...