Đang chuẩn bị liên kết để tải về tài liệu:
Solutions for auto testing and auto warning website errors based on the results of the website error scanning tools

Solutions for auto testing and auto warning website errors based on the results of the website error scanning tools. Nowadays, there are commercial and free tools to automatically test websites’ security which is considered to be the positive point for pen-tester. In contrast, these tools might also produce false alerts. | TẠP CHÍ KHOA HỌC ĐẠI HỌC ĐÀ LẠT Tập 6, Số 2, 2016 229–238 229 SOLUTIONS FOR AUTO-TESTING AND AUTO-WARNING WEBSITE ERRORS BASED ON THE RESULTS OF THE WEBSITE ERROR SCANNING TOOLS Pham Duy Loca*, Phan Thị Thanh Ngaa a The Faculty of Information Technology, Dalat University, Lamdong, Vietnam Article history Received: January 04th, 2016 Received in revised form: March 21st, 2016 Accepted: March 31st, 2016 Abstract Nowadays, there are commercial and free tools to automatically test websites’ security which is considered to be the positive point for pen-tester. In contrast, these tools might also produce false alerts. To minimize these false alerts, it is necessary to develop a tool which helps pen-tester verify alerts manually or automatically with cross-checking results collected from many pen-test tools. We name this tool PAT (Pen-Test Assistance Tool). PAT is able to save experiences from previous successful checking for future check. PAT also can check vulnerabilities automatically based on report of pen-test tools and warn website errors to web-masters automatically via email. In the first version of PAT, we focus on SQL Injection vulnerabilities in ASP.NET websites. Keywords: SQL injection attacks; PAT; Web vulnerability scanner. 1. INTRODUCTION Internet users are facing huge problems from hackers. The growth of the Internet helps individual users and business users advertise their images to the world via online services and applications ranged from Instant Messaging, emails to ecommerce. Websites offering those services are becoming more and more popular. However, websites might face threats from hackers as hackers are developing in size and number. In the past, the hackers targeted passwords to change the homepage’s interface. Hackers these days are more dangerous when they might even threaten the national sercurity. * Corresponding author: locpd@dlu.edu.vn TẠP CHÍ KHOA HỌC ĐẠI HỌC ĐÀ LẠT [ĐẶC SAN CÔNG NGHỆ THÔNG TIN] 230 Besides, it is concerned .