SOLUTIONS FOR AUTO-TESTING AND AUTO-WARNING WEBSITE ERRORS BASED ON THE RESULTS OF THE WEBSITE ERROR SCANNING TOOLS
In: Tạp chí Khoa học Đại học Đà Lạt, Jg. 6 (2016-06-01), Heft 2
Online
academicJournal
Zugriff:
Nowadays, there are commercial and free tools to automatically test websites’ security which is considered to be the positive point for pen-tester. In contrast, these tools might also produce false alerts. To minimize these false alerts, it is necessary to develop a tool which helps pen-tester verify alerts manually or automatically with cross-checking results collected from many pen-test tools. We name this tool PAT (Pen-Test Assistance Tool). PAT is able to save experiences from previous successful checking for future check. PAT also can check vulnerabilities automatically based on report of pen-test tools and warn website errors to web-masters automatically via email. In the first version of PAT, we focus on SQL Injection vulnerabilities in ASP.NET websites.
Titel: |
SOLUTIONS FOR AUTO-TESTING AND AUTO-WARNING WEBSITE ERRORS BASED ON THE RESULTS OF THE WEBSITE ERROR SCANNING TOOLS
|
---|---|
Autor/in / Beteiligte Person: | Phạm Duy Lộc ; Phan Thị Thanh Nga |
Link: | |
Zeitschrift: | Tạp chí Khoa học Đại học Đà Lạt, Jg. 6 (2016-06-01), Heft 2 |
Veröffentlichung: | Dalat University, 2016 |
Medientyp: | academicJournal |
ISSN: | 0866-787X (print) |
DOI: | 10.37569/DalatUniversity.6.2.42(2016) |
Schlagwort: |
|
Sonstiges: |
|