Black-box testing of web applications with client-side code evaluation

Invention Grant

US08910291B2 Black-box testing of web applications with client-side code evaluation 有权

Title translation: 使用客户端代码评估对Web应用程序进行黑盒测试

Please log in to see more content

Patent Title: Black-box testing of web applications with client-side code evaluation
Patent Title (中): 使用客户端代码评估对Web应用程序进行黑盒测试
Application No.: US13430013

Application Date: 2012-03-26
Publication No.: US08910291B2

Publication Date: 2014-12-09
Inventor: Yinnon A. Haviv , Daniel Kalman , Dmitri Pikus , Omer Tripp , Omri Weisman
Applicant: Yinnon A. Haviv , Daniel Kalman , Dmitri Pikus , Omer Tripp , Omri Weisman
Applicant Address: US NY Armonk
Assignee: International Business Machines Corporation
Current Assignee: International Business Machines Corporation
Current Assignee Address: US NY Armonk
Agency: Cuenot, Forsythe & Kim, LLC
Main IPC: H04L29/06
IPC: H04L29/06 ; G06F21/57

Black-box testing of web applications with client-side code evaluation

Abstract:

Detecting security vulnerabilities in web applications by interacting with a web application at a computer server during its execution at the computer server, identifying client-side instructions provided by the web application responsive to an interaction with the web application, where the client-side instructions are configured to be implemented by a client computer that receives the client-side instructions from the computer server, evaluating the identified client-side instructions, and identifying a security vulnerability associated with the client-side instructions.

Abstract(Chinese):

通过在计算机服务器执行期间与计算机服务器上的Web应用程序交互来检测Web应用程序中的安全漏洞，识别由Web应用程序提供的客户端指令，响应于与Web应用程序的交互，其中客户端指令是被配置为由从计算机服务器接收客户端指令的客户端计算机实现，评估所识别的客户端指令，以及识别与客户端指令相关联的安全漏洞。

Public/Granted literature

US20130007887A1 BLACK-BOX TESTING OF WEB APPLICATIONS WITH CLIENT-SIDE CODE EVALUATION Public/Granted day:2013-01-03

Information query

Espacenet