A Survey of Automated Tools for Probing Vulnerable Web Applications
Linköping University, Department of Computer and Information Science.
2017 (English). Independent thesis, Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits. Student thesis.
Abstract [en]

The development of web applications has increased greatly in the last few years. When developed without concern for security, these web applications are exposed to a large number of cyber threats. This thesis provides a survey of automated tools, so-called black-box web scanners, that are used to find vulnerabilities in a web application without any internal knowledge of it. The web scanners were evaluated by running them on a vulnerable web application called XVWA and comparing the scanning results against two criteria. The first criterion is whether a scanner is as accurate as stated, and the second is whether it passes the NIST requirements for a web scanner of this type. All of the web scanners included in this thesis are open source or free to use. The results for eight different web scanners show that most of the scanners do not follow the NIST requirements fully; however, the majority still perform well. It has also been seen that the newer and most actively developed scanners perform the best, which is logical. One of the conclusions drawn is that none works perfectly or is above all the other scanners.

Place, publisher, year, edition, pages
2017, p. 30
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:liu:diva-134279
ISRN: LIU-IDA/LITH-EX-A--17/001—SE
OAI: oai:DiVA.org:liu-134279
DiVA, id: diva2:1070939
External cooperation
Ross Tsagalidis (Försvarsmakten)
Subject / course
Information Technology
Examiners
Available from: 2017-02-06. Created: 2017-02-03. Last updated: 2018-01-13. Bibliographically approved.

Open Access in DiVA

fulltext (853 kB), 273 downloads
File information
File name: FULLTEXT01.pdf
File size: 853 kB
Checksum (SHA-512):
2bb4a49fb629a8b5d5c12da6d3e3c8247315013b7854f2119e7fa8f2b895d5434fbcb72cec7db49a53ed929dda4cb085fb507a18799b49f9ceaf07768f562e3c
Type: fulltext
Mimetype: application/pdf

Search in DiVA

By author/editor
Barsomo, Milad
Total: 273 downloads
The number of downloads is the sum of all downloads of full texts. It may include, e.g., previous versions that are no longer available.

Total: 1336 hits