Skip to Main content Skip to Navigation
Conference papers

A Hesitation Step into the BlackBox: Heuristic-Based Web Applications Reverse Engineering

Abstract : Automated black-box scanners alternatively reverse-engineer and fuzz web applications to detect vulnerabilities. It is established that the knowledge they acquired about such applications plays a key role in their ability to exhibit vulnerabilities. In this talk, we adapt a method to automatically reverse-engineer web applications. Three heuristics drive this process. Empirical experiments show that our method obtains a more precise knowledge of the application than state-of-the-art tools, and also increases vulnerability detection capability.
Document type :
Conference papers
Complete list of metadata

https://hal.inria.fr/hal-00853730
Contributor : Jean-Luc Richier <>
Submitted on : Monday, August 26, 2013 - 4:12:33 PM
Last modification on : Tuesday, December 8, 2020 - 10:18:09 AM

Identifiers

  • HAL Id : hal-00853730, version 1

Collections

Citation

Fabien Duchene, Sanjay Rawat, Jean-Luc Richier, Roland Groz. A Hesitation Step into the BlackBox: Heuristic-Based Web Applications Reverse Engineering. NSC 2013 - NoSuchCon Conference, May 2013, Paris, France. ⟨hal-00853730⟩

Share

Metrics

Record views

372