Technique for determining web services vulnerabilities and compliance

Technique for determining web services vulnerabilities and compliance

A technique for testing applications for vulnerabilities that may be as a result of loosely defined criteria and restrictions associated with interfacing to the applications. Interfaces associated with an application to be tested are identified. The interfaces may include the names of services provi...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: MALLAL RIZWAN, YUNUS MAMOON
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A technique for testing applications for vulnerabilities that may be as a result of loosely defined criteria and restrictions associated with interfacing to the applications. Interfaces associated with an application to be tested are identified. The interfaces may include the names of services provided by the application as well as parameters that are passed to the services. One or more mutant requests containing one or more mutations are then generated based on the identified interfaces. The application is then attacked by forwarding the mutant requests to the application. Vulnerabilities of the application that were exposed as a result of the attack are then detected.