Abstract
AbstractWeb applications play a crucial role in modern businesses, offering various services and often exposing sensitive data that can be enticing to attackers. As a result, there is a growing interest in finding innovative approaches for discovering vulnerabilities in web applications. In the evolving landscape of web security, the realm of fuzz testing has garnered substantial attention for its effectiveness in identifying vulnerabilities. However, existing literature has often underemphasized the nuances of web-centric fuzzing methodologies. This article presents a comprehensive exploration of fuzzing techniques specifically tailored to web applications, addressing the gap in the current research. Our work presents a holistic perspective on web-centric fuzzing, introduces a modular architecture that improves fuzzing effectiveness, demonstrates the reusability of certain fuzzing steps, and offers an open-source software package for the broader security community. By addressing these key contributions, we aim to facilitate advancements in web application security, empower researchers to explore new fuzzing techniques, and ultimately enhance the overall cybersecurity landscape.
Funder
Università degli Studi di Napoli Federico II
Publisher
Springer Science and Business Media LLC
Reference92 articles.
1. Singh, N., Meherhomji, V., Chandavarkar, B.: Automated versus manual approach of web application penetration testing. In: 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). IEEE, pp. 1–6 (2020)
2. Aydos, M., Aldan, Ç., Coşkun, E., Soydan, A.: Security testing of web applications: a systematic mapping of the literature. J. King Saud Univ. Comput. Inf. Sci. 34, 6775–6792 (2021)
3. The owasp testing guide (2022). [Online]. Available: https://owasp.org/www-project-web-security-testing-guide/. Accessed 01 Feb 2021
4. Path traversal. https://owasp.org/www-community/attacks/Path_Traversal. Accessed 12 Feb 2022
5. Kowalski, R.: Predicate logic as programming language. In: IFIP Congress, vol. 74, pp. 569–544 (1974)
Cited by
1 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献