Publication detail

Utilizing Dynamic Analysis for Web Application Penetration Testing

PÍŠ, P.; LAZAROV, W.

Original title

Utilizing Dynamic Analysis for Web Application Penetration Testing

Type

paper in proceedings indexed in WoS or Scopus

Language

English

Original abstract

This paper presents the design and implementation of a new modular tool, called PtWebDA, for dynamic analysis of web applications as one of the techniques used in penetration testing. Compared to other available tools and their limitations, our solution enables efficient rate limiting while also allowing testing of HTTP headers, cookie attributes, and content security policy directives. To verify its effectiveness in supporting manual web application penetration testing, we performed experimental testing in a controlled environment. The results of testing the presented tool PtWebDA are discussed in detail and highlight the key contributions of our solution.

Keywords

cybersecurity; dynamic analysis; penetration testing; rate limiting; cookies; CSP directives; HTTP headers

Authors

PÍŠ, P.; LAZAROV, W.

Published

23. 4. 2024

Publisher

Brno University of Technology, Faculty of Electrical Engineering and Communication

Place

Brno

ISBN

978-80-214-6230-4

Book

Proceedings II of the 30th Conference STUDENT EEICT 2024

Edition

1

Pages from

92

Pages to

95

Number of pages

4

URL

BibTex

@inproceedings{BUT188870,
  author="Patrik {Píš} and Willi {Lazarov}",
  title="Utilizing Dynamic Analysis for Web Application Penetration Testing",
  booktitle="Proceedings II of the 30th Conference STUDENT EEICT 2024",
  year="2024",
  series="1",
  pages="92--95",
  publisher="Brno University of Technology, Faculty of Electrical Engineering and Communication",
  address="Brno",
  doi="10.13164/eeict.2024.92",
  isbn="978-80-214-6230-4",
  url="https://dx.doi.org/10.13164/eeict.2024.92"
}