Abstract: An automated tool analyzes source code repositories and web endpoints for unique characteristics that they both share in order to predict the likelihood that a particular source code repository contains source code files used in a web endpoint and to predict the likelihood that a web endpoint uses source code files of a particular repository. The unique characteristics are referred to as fingerprints and include unique combination of public-facing entities, unique tokens, and unique DOM characteristics.

Abstract: Methods, systems, apparatuses, and computer-readable storage mediums are described for enabling runtime supply chain security of web applications and the discovery of active malware attacks. For example, a server is configured to receive CSP-based data from browsers executing on various clients. Such data may be received via a browser extension or via a proxy between the web applications and the browsers. Using the CSP-based data, the server generates a database of supply chain inventory. The database specifies resources that are loaded for a particular web application, along with a location from where such resources are loaded. The database further specifies a chain of dependencies between such resources. The database is analyzed to determine whether any such resources have been compromised with malware or whether clients on which such resource have been loaded have been compromised with malware. Responsive to determining such cases, actions(s) may be performed to mitigate the malware.

Abstract: An automated tool analyzes source code repositories and web endpoints for unique characteristics that they both share in order to predict the likelihood that a particular source code repository contains source code files used in a web endpoint and to predict the likelihood that a web endpoint uses source code files of a particular repository. The unique characteristics are referred to as fingerprints and include unique combination of public-facing entities, unique tokens, and unique DOM characteristics.

Abstract: Described herein is a system and method for identifying a vulnerability of an application (e.g., web application). A message comprising a request and associated execution flow of the application in response to the request is received. The message is analyzed to determine whether the execution flow includes a function pre-defined as interesting. In response to determining that the execution flow includes the function pre-defined as interesting, a determination is made that the function pre-defined as interesting comprises a vulnerability of the application. In response to determining that the function pre-defined as interesting comprises a vulnerability of the application, an action is taken with respect to the vulnerability. The action can include, for example, providing information regarding the identified vulnerability and/or blocking execution of particular code of the application.

Abstract: Embodiments disclosed herein are related to computing systems, and methods for extracting web API endpoint data from source code. Source code for various web services may be accessed. The source code may include portions of web Application Programming Interface (API) endpoint data that includes data necessary to invoke the underlying API. The source code may be automatically parsed to identify the portions of web API endpoint data. The identified portions of web API endpoint data may be translated into a format different from the source code that is usable by various applications that interact with the web services via the web API endpoint data.

Abstract: Embodiments disclosed herein are related to computing systems, and methods for extracting web API endpoint data from source code. Source code for various web services may be accessed. The source code may include portions of web Application Programming Interface (API) endpoint data that includes data necessary to invoke the underlying API. The source code may be automatically parsed to identify the portions of web API endpoint data. The identified portions of web API endpoint data may be translated into a format different from the source code that is usable by various applications that interact with the web services via the web API endpoint data.

Abstract: Described herein is a system and method for identifying a vulnerability of an application (e.g., web application). A message comprising a request and associated execution flow of the application in response to the request is received. The message is analyzed to determine whether the execution flow includes a function pre-defined as interesting. In response to determining that the execution flow includes the function pre-defined as interesting, a determination is made that the function pre-defined as interesting comprises a vulnerability of the application. In response to determining that the function pre-defined as interesting comprises a vulnerability of the application, an action is taken with respect to the vulnerability. The action can include, for example, providing information regarding the identified vulnerability and/or blocking execution of particular code of the application.