Abstract: Vulnerability testing of a web application can be done using external testing, wherein an external test system runs with permissions of a user of the web application and interacts with the web application over a network, the external test system might obtain a schedule for a vulnerability test, execute the schedule using the external test system, log at least portions of responses of the web application to interactions of the external test system with the web application, compare portions of the responses to expected possible responses associated with particular possible vulnerabilities of the web application, thereby detecting possible vulnerabilities of the web application and, for at least one detected possible vulnerability, generating a retest script that comprises at least instructions to place the web application in a state at least similar to the state at which the at least one detected possible vulnerability was detected during execution of the schedule and that comprises at least instructions to int

Abstract: A web application security scanner (WASS) includes a login manager configured to perform an automated login to a web site. The automated login may be performed when the login manager detects that a login session has ended. The login manager is configured to determine credentials for the web site to allow the WASS to access the web site. The WASS may then use the credentials to continue scanning the web site. Thus, previously unscannable web pages may be accessed in the web site because of the automated login process.

Abstract: An improved method and apparatus for client-side application analysis is provided. Client-side application analysis involves determining and testing, using client-side application interfaces and the like, data input points and analyzing client requests and server responses. A security vulnerability analyzer can be employed to analyze content for client-side application files, such as Flash files and Java applets, extract addresses and data parameters embedded in the client-side application file, and modify the data parameters according to user-defined test criteria. The modified data parameters are transmitted as part of a request to a respective server used to service requests from the client-side application files. The security vulnerability analyzer analyzes the response from the server to ascertain if there are any security vulnerabilities associated with the interface between the client-side application file and the server.

Abstract: A method of testing a web application, wherein a web application is a program that operates on a server and interacts with clients that access the program over a network, wherein further the web application accepts parameters that define results generated from the web application, the method comprising determining which web application uniform resource identifiers (URIs) are used to access various web applications on a system, determining if more than a threshold of the URIs are for a common web application, selecting a subset of less than all of the URIs for the common web application when the threshold is exceeded for that common web application, wherein the subset is selected at least in part independently of the order generated and performing a security scan on the selected subset.

Abstract: An apparatus and method of managing vulnerability testing of a web application is provided for running a set of one or more scripted tests against a web application, recording results of the one or more scripted tests, providing an interface for a human evaluator to review the recorded results, and accepting from the human evaluator custom test parameters based on observations of the recorded results, wherein custom test parameters include at least one context usable by a future tester in deciding whether to run the custom test, and also includes at least one instruction for automatically running custom test steps of the custom test.

Abstract: A system provides for fuzzy classification in comparisons of scanner responses. A web application test suite performs tests against a web application by sending client requests from a testing computer to the server running the web application and checking how the web application responds. A thorough web application security scan might involve thousands of checks and responses. As a result, some sort of programmatic analysis is needed. One such evaluation involves comparing one response against another. Response matching that compares two HTTP responses might use fuzzy classification processes.

Abstract: An improved method and apparatus for client-side web application analysis is provided. Client-side web application analysis involves determining and testing, using client-side application interfaces and the like, data input points and analyzing client requests and server responses. In one embodiment, a security vulnerability analyzer is employed to analyze web page content for client-side application files, such as Flash files and Java applets, extract web addresses and data parameters embedded in the client-side application file, and modify the data parameters according to user-defined test criteria. The modified data parameters are transmitted as part of a request to a respective web server used to service the client-side application files. The security vulnerability analyzer analyzes the response from the server to ascertain if there are any security vulnerabilities associated with the interface between the client-side application file and the web server.

Abstract: A method of testing a web application, wherein a web application is a program that operates on a server and interacts with clients that access the program over a network, wherein further the web application accepts parameters that define results generated from the web application, the method comprising determining which web application uniform resource identifiers (URIs) are used to access various web applications on a system, determining if more than a threshold of the URIs are for a common web application, selecting a subset of less than all of the URIs for the common web application when the threshold is exceeded for that common web application, wherein the subset is selected at least in part independently of the order generated and performing a security scan on the selected subset.

Abstract: A web application security scanner (WASS) includes a login manager configured to perform an automated login to a web site. The automated login may be performed when the login manager detects that a login session has ended. The login manager is configured to determine credentials for the web site to allow the WASS to access the web site. The WASS may then use the credentials to continue scanning the web site. Thus, previously unscannable web pages may be accessed in the web site because of the automated login process.

Abstract: An improved method and apparatus for client-side web application analysis is provided. Client-side web application analysis involves determining and testing, using client-side application interfaces and the like, data input points and analyzing client requests and server responses. A security vulnerability analyzer can analyze web page content for client-side application files, such as Flash files and Java applets, extract web addresses and data parameters embedded in the client-side application file, and modify the data parameters according to user-defined test criteria. The modified data parameters are transmitted as part of a request to a respective web server used to service the client-side application files. The security vulnerability analyzer analyzes the response from the server to ascertain if there are any security vulnerabilities associated with the interface between the client-side application file and the web server.

Abstract: A system provides for fuzzy classification in comparisons of scanner responses. A web application test suite performs tests against a web application by sending client requests from a testing computer to the server running the web application and checking how the web application responds. A thorough web application security scan might involve thousands of checks and responses. As a result, some sort of programmatic analysis is needed. One such evaluation involves comparing one response against another. Response matching that compares two HTTP responses might use fuzzy classification processes.

Abstract: A web application security scanner (WASS) includes a login manager configured to perform an automated login to a web site. The automated login may be performed when the login manager detects that a login session has ended. The login manager is configured to determine credentials for the web site to allow the WASS to access the web site. The WASS may then use the credentials to continue scanning the web site. Thus, previously unscannable web pages may be accessed in the web site because of the automated login process.

Abstract: A web application firewall (WAFs) used to secure websites from many known and unknown vulnerabilities is described. In one embodiment, the WAF is installed between a server that is serving web content and a network over which clients access the website hosted on the server. The WAF is configured to provide security from external attacks by preventing the website from receiving data that it did not send, and that the data received was not altered by a client. The WAF encodes outbound HTTP response data such that when a client or interloper follows one of the links or other constructs in the response data, the WAF can determine the validity of the next client request. In one embodiment, each universal resource locator link is encrypted and checked for validity when it is returned to the server via the WAF.

Abstract: An improved method and apparatus for client-side web application analysis is provided. Client-side web application analysis involves determining and testing, using client-side application interfaces and the like, data input points and analyzing client requests and server responses. In one embodiment, a security vulnerability analyzer is employed to analyze web page content for client-side application files, such as Flash files and Java applets, extract web addresses and data parameters embedded in the client-side application file, and modify the data parameters according to user-defined test criteria. The modified data parameters are transmitted as part of a request to a respective web server used to service the client-side application files. The security vulnerability analyzer analyzes the response from the server to ascertain if there are any security vulnerabilities associated with the interface between the client-side application file and the web server.

Abstract: A web application security scanner (WASS) includes a login manager configured to perform an automated login to a web site. The automated login may be performed when the login manager detects that a login session has ended. The login manager is configured to determine credentials for the web site to allow the WASS to access the web site. The WASS may then use the credentials to continue scanning the web site. Thus, previously unscannable web pages may be accessed in the web site because of the automated login process.