dc.contributor.author: Jiva, Farhan Saleem
dc.date.accessioned: 2014-03-04T20:27:12Z
dc.date.available: 2014-03-04T20:27:12Z
dc.date.issued: 2012-05
dc.identifier.other: jiva_farhan_s_201205_ms
dc.identifier.uri: http://purl.galileo.usg.edu/uga_etd/jiva_farhan_s_201205_ms
dc.identifier.uri: http://hdl.handle.net/10724/27997
dc.description.abstract: With the advent of innovative Web 2.0 technologies, web applications play an important role on the modern-day Internet by delivering rich services, from web-based e-mail to social networking and from on-line banking to e-commerce, as well as a plethora of other functionalities. However, due to their ever-increasing reliance and complexity, as well as their susceptibility to poor coding practices, these web applications often face a relentless threat from attackers. To remediate this threat, web application programmers generally turn to black-box scanners (tools which examine the security of web applications from a user's perspective). However, these tools are far from perfect. In this thesis, we analyze the shortcomings of modern black-box scanners (such as crawling limitations and deficiencies related to detecting certain vulnerabilities) and explore methods which address their imperfections. In doing so, we propose methods which add a modern twist to web application crawling, explore new ways to detect blind SQL injection vulnerabilities, and shed light on an advanced exploitation technique for blind SQL injection.
dc.language: eng
dc.publisher: uga
dc.rights: public
dc.subject: Black-box scanners
dc.subject: Web application security
dc.subject: Crawling
dc.subject: SQL Injection
dc.subject: Detection
dc.subject: Exploitation
dc.title: Helping Johnny pentest
dc.title.alternative: addressing the shortcomings of black-box Web vulnerability scanners
dc.type: Thesis
dc.description.degree: MS
dc.description.department: Computer Science
dc.description.major: Computer Science
dc.description.advisor: Kang Li
dc.description.committee: Kang Li
dc.description.committee: Lakshmish Ramaswamy
dc.description.committee: Roberto Perdisci


Files in this item

There are no files associated with this item.
