SOLUTIONS FOR AUTO-TESTING AND AUTO-WARNING WEBSITE ERRORS BASED ON THE RESULTS OF THE WEBSITE ERROR SCANNING TOOLS
Nowadays, there are commercial and free tools to automatically test websites’ security which is considered to be the positive point for pen-tester. In contrast, these tools might also produce false alerts. To minimize these false alerts, it is necessary to develop a tool which helps pen-tester verif...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Dalat University
2016-06-01
|
| Series: | Tạp chí Khoa học Đại học Đà Lạt |
| Subjects: | |
| Online Access: | http://tckh.dlu.edu.vn/index.php/tckhdhdl/article/view/42 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832573690781368320 |
|---|---|
| author | Phạm Duy Lộc Phan Thị Thanh Nga |
| author_facet | Phạm Duy Lộc Phan Thị Thanh Nga |
| author_sort | Phạm Duy Lộc |
| collection | DOAJ |
| description | Nowadays, there are commercial and free tools to automatically test websites’ security which is considered to be the positive point for pen-tester. In contrast, these tools might also produce false alerts. To minimize these false alerts, it is necessary to develop a tool which helps pen-tester verify alerts manually or automatically with cross-checking results collected from many pen-test tools. We name this tool PAT (Pen-Test Assistance Tool). PAT is able to save experiences from previous successful checking for future check. PAT also can check vulnerabilities automatically based on report of pen-test tools and warn website errors to web-masters automatically via email. In the first version of PAT, we focus on SQL Injection vulnerabilities in ASP.NET websites. |
| format | Article |
| id | doaj-art-52cc2c8034c6437b815a503fb815a5dc |
| institution | Kabale University |
| issn | 0866-787X 0866-787X |
| language | English |
| publishDate | 2016-06-01 |
| publisher | Dalat University |
| record_format | Article |
| series | Tạp chí Khoa học Đại học Đà Lạt |
| spelling | doaj-art-52cc2c8034c6437b815a503fb815a5dc2025-02-02T03:15:40ZengDalat UniversityTạp chí Khoa học Đại học Đà Lạt0866-787X0866-787X2016-06-016210.37569/DalatUniversity.6.2.42(2016)25SOLUTIONS FOR AUTO-TESTING AND AUTO-WARNING WEBSITE ERRORS BASED ON THE RESULTS OF THE WEBSITE ERROR SCANNING TOOLSPhạm Duy Lộc0Phan Thị Thanh Nga1Khoa Công nghệ Thông tin, Trường Đại học Đà LạtKhoa Công nghệ Thông tin, Trường Đại học Đà LạtNowadays, there are commercial and free tools to automatically test websites’ security which is considered to be the positive point for pen-tester. In contrast, these tools might also produce false alerts. To minimize these false alerts, it is necessary to develop a tool which helps pen-tester verify alerts manually or automatically with cross-checking results collected from many pen-test tools. We name this tool PAT (Pen-Test Assistance Tool). PAT is able to save experiences from previous successful checking for future check. PAT also can check vulnerabilities automatically based on report of pen-test tools and warn website errors to web-masters automatically via email. In the first version of PAT, we focus on SQL Injection vulnerabilities in ASP.NET websites.http://tckh.dlu.edu.vn/index.php/tckhdhdl/article/view/42patsql injection attacksweb vulnerability scanner. |
| spellingShingle | Phạm Duy Lộc Phan Thị Thanh Nga SOLUTIONS FOR AUTO-TESTING AND AUTO-WARNING WEBSITE ERRORS BASED ON THE RESULTS OF THE WEBSITE ERROR SCANNING TOOLS Tạp chí Khoa học Đại học Đà Lạt pat sql injection attacks web vulnerability scanner. |
| title | SOLUTIONS FOR AUTO-TESTING AND AUTO-WARNING WEBSITE ERRORS BASED ON THE RESULTS OF THE WEBSITE ERROR SCANNING TOOLS |
| title_full | SOLUTIONS FOR AUTO-TESTING AND AUTO-WARNING WEBSITE ERRORS BASED ON THE RESULTS OF THE WEBSITE ERROR SCANNING TOOLS |
| title_fullStr | SOLUTIONS FOR AUTO-TESTING AND AUTO-WARNING WEBSITE ERRORS BASED ON THE RESULTS OF THE WEBSITE ERROR SCANNING TOOLS |
| title_full_unstemmed | SOLUTIONS FOR AUTO-TESTING AND AUTO-WARNING WEBSITE ERRORS BASED ON THE RESULTS OF THE WEBSITE ERROR SCANNING TOOLS |
| title_short | SOLUTIONS FOR AUTO-TESTING AND AUTO-WARNING WEBSITE ERRORS BASED ON THE RESULTS OF THE WEBSITE ERROR SCANNING TOOLS |
| title_sort | solutions for auto testing and auto warning website errors based on the results of the website error scanning tools |
| topic | pat sql injection attacks web vulnerability scanner. |
| url | http://tckh.dlu.edu.vn/index.php/tckhdhdl/article/view/42 |
| work_keys_str_mv | AT phamduyloc solutionsforautotestingandautowarningwebsiteerrorsbasedontheresultsofthewebsiteerrorscanningtools AT phanthithanhnga solutionsforautotestingandautowarningwebsiteerrorsbasedontheresultsofthewebsiteerrorscanningtools |