Invention Grant
US09436829B2 Security testing of web applications with specialized payloads
有权
具有专用有效载荷的Web应用程序的安全测试
- Patent Title: Security testing of web applications with specialized payloads
- Patent Title (中): 具有专用有效载荷的Web应用程序的安全测试
-
Application No.: US14490788Application Date: 2014-09-19
-
Publication No.: US09436829B2Publication Date: 2016-09-06
- Inventor: Omer Tripp , Emmanuel Wurth
- Applicant: GLOBALFOUNDRIES INC.
- Applicant Address: KY Grand Cayman
- Assignee: GLOBALFOUNDRIES INC.
- Current Assignee: GLOBALFOUNDRIES INC.
- Current Assignee Address: KY Grand Cayman
- Agent Anthony J. Canale
- Priority: GB1318119.3 20131014
- Main IPC: G06F21/57
- IPC: G06F21/57 ; H04L29/06
Abstract:
In one embodiment, a computer-implemented method for security testing of web applications with specialized payloads includes submitting a test to a web application, where the test includes a payload with a set of constraints. A response is received from the web application. One or more constraints are derived from the response. The set of constraints of the payload are updated with the derived one or more constraints. The payload is synthesized, by a computer processor, for the updated set of constraints. The test having the synthesized payload is iterated with the updated set of constraints.
Public/Granted literature
- US20150106943A1 SECURITY TESTING OF WEB APPLICATIONS WITH SPECIALIZED PAYLOADS Public/Granted day:2015-04-16
Information query
