Penetration Testing for Web Services

被引:14
|
作者
Antunes, Nuno [1 ]
Vieira, Marco [1 ]
机构
[1] Univ Coimbra, Dept Informat Engn, P-3000 Coimbra, Portugal
来源
COMPUTER | 2014年 / 47卷 / 02期
关键词
code vulnerabilities; command injection; penetration testing; SQL injection; vulnerability detection; Web security scanners; Web services;
D O I
10.1109/MC.2013.409
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Web services are often deployed with critical software security faults that open them to malicious attack. Penetration testing using commercially available automated tools can help avoid such faults, but new analysis of several popular testing tools reveals significant failings in their performance.
引用
收藏
页码:30 / 36
页数:7
相关论文
共 50 条
  • [11] WAPTT - Web Application Penetration Testing Tool
    Duric, Zoran
    ADVANCES IN ELECTRICAL AND COMPUTER ENGINEERING, 2014, 14 (01) : 93 - 102
  • [12] Comparing the Effectiveness of Penetration Testing and Static Code Analysis on the Detection of SQL Injection Vulnerabilities in Web Services
    Antunes, Nuno
    Vieira, Marco
    IEEE 15TH PACIFIC RIM INTERNATIONAL SYMPOSIUM ON DEPENDABLE COMPUTING, PROCEEDINGS, 2009, : 301 - 306
  • [13] Testing discovered web services automatically
    Karagoz, Pinar
    Utku, Selma
    WEBIST 2014 - Proceedings of the 10th International Conference on Web Information Systems and Technologies, 2014, 1 : 160 - 167
  • [14] Testing web services by XML perturbation
    Xu, Wuzhi
    Offutt, Jeff
    Luo, Juan
    16TH IEEE INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING, PROCEEDINGS, 2005, : 257 - 266
  • [15] Performance Testing of Web Map Services
    Horak, Jiri
    Ardielli, Jiri
    Ruzicka, Jan
    NEW CHALLENGES FOR INTELLIGENT INFORMATION AND DATABASE SYSTEMS, 2011, 351 : 257 - 266
  • [16] An Efficient Performance Testing of Web Services
    Hasnain, Muhammad
    Pasha, Muhammad Fermi
    Ghani, Imran
    Babar, Muhammad Imran
    2019 22ND IEEE INTERNATIONAL MULTI TOPIC CONFERENCE (INMIC), 2019, : 170 - 177
  • [17] A Study on Testing For Web Services Composition
    Rusli, Hazlifah Mohd
    Ibrahim, Suhaimi
    Puteh, Mazidah
    KNOWLEDGE MANAGEMENT AND INNOVATION: A BUSINESS COMPETITIVE EDGE PERSPECTIVE, VOLS 1-3, 2010, : 1547 - +
  • [18] Trustworthy Web Services based on testing
    Yu, WD
    Supthaweesuk, P
    Aravind, D
    SOSE 2005: IEEE International Workshop on Service-Oriented System Engineering, 2005, : 159 - 169
  • [19] Tool for Automatic Testing of Web Services
    Bluemke, Ilona
    Kurek, Michal
    Purwin, Malgorzata
    FEDERATED CONFERENCE ON COMPUTER SCIENCE AND INFORMATION SYSTEMS, 2014, 2014, 2 : 1553 - 1558
  • [20] Stress Testing of Web Services Interface
    Motalova, Leona
    Janckulik, Dalibor
    Krejcar, Ondrej
    E-HEALTH, 2010, 335 : 224 - 225
12345