Communities and Collections
Usage
- 64 views
- 63 downloads
An analysis of the effectiveness of black-box web application scanners in detection of stored XSSI vulnerabilities
-
- Author(s) / Creator(s)
-
Stored Cross-Site Scripting (XSS) vulnerabilities are difficult to detect and state-of-the-art black-box scanners have low detection rates. Both Bau et al. and Doupé et al. investigated black- box web application security scanners, and this paper extends their analyses of state-of-the-art black-box detection of stored XSS. We use our own custom testbed, SimplifiedTB, which is available upon request. Weaknesses and limitations of black-box scanners identified in our study confirm weaknesses and limitations discussed by Bau et al. and Doupé et al. The paper provides a list of recommendations for improving black-box detection of stored XSS vulnerabilities.
-
- Date created
- 2012-01-01
-
- Subjects / Keywords
-
- Type of Item
- Research Material