HOME

TheInfoList



Click Here for Items Related To - Web Application Security Scanner
OR:
Web Application Security Scanner on:   [Wikipedia]   [Google]   [Amazon]

Dynamic application security testing (DAST) represents a non-functional testing process to identify security weaknesses and vulnerabilities in an application. This testing process can be carried out either manually or by using automated tools. Manual assessment of an application involves human intervention to identify the security flaws which might slip from an automated tool. Usually business logic errors,
race condition A race condition or race hazard is the condition of an electronics, software, or other system where the system's substantive behavior is dependent on the sequence or timing of other uncontrollable events, leading to unexpected or inconsistent ...
checks, and certain zero-day vulnerabilities can only be identified using manual assessments. On the other side, a DAST tool is a program which communicates with a web application through the web front-end in order to identify potential security vulnerabilities in the web application and architectural weaknesses. It performs a
black-box In science, computing, and engineering, a black box is a system which can be viewed in terms of its inputs and outputs (or transfer characteristics), without any knowledge of its internal workings. Its implementation is "opaque" (black). The te ...
test. Unlike
static application security testing Static may refer to: Places *Static Nunatak, in Antarctica *Static, Kentucky and Tennessee, U.S. *Static Peak, a mountain in Wyoming, U.S. **Static Peak Divide, a mountain pass near the peak Science and technology Physics *Static electricity, a n ...
tools, DAST tools do not have access to the source code and therefore detect
vulnerabilities Vulnerability refers to "the quality or state of being exposed to the possibility of being attacked or harmed, either physically or emotionally." The understanding of social and environmental vulnerability, as a methodological approach, involves ...
by actually performing attacks. DAST tools allow sophisticated scans, detecting vulnerabilities with minimal user interactions once configured with host name, crawling parameters and authentication credentials. These tools will attempt to detect vulnerabilities in query strings, headers, fragments, verbs (GET/POST/PUT) and DOM injection.


Overview

DAST tools facilitate the automated review of a web application with the express purpose of discovering security vulnerabilities and are required to comply with various regulatory requirements. Web application scanners can look for a wide variety of vulnerabilities, such as input/output validation: (e.g.
cross-site scripting Cross-site scripting (XSS) is a type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be ...
and
SQL injection In computing, SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injec ...
), specific application problems and server configuration mistakes.


Commercial and open-source scanners

Commercial scanners are a category of web-assessment tools which need to be purchased. Some scanners include some free features but most need to be bought for full access to the tool's power. Open-source scanners are often free of cost to the user.


Strengths

These tools can detect vulnerabilities of the finalized
release candidate The software release life cycle is the process of developing, testing, and distributing a software product (e.g., an operating system). It typically consists of several stages, such as pre-alpha, alpha, beta, and release candidate, before the fi ...
versions prior to shipping. Scanners simulate a malicious user by attacking and probing, identifying results which are not part of the expected result set, allowing for a realistic attack simulation. The big advantage of these types of tools are that they can scan year-round to be constantly searching for vulnerabilities. With new vulnerabilities being discovered regularly this allows companies to find and patch vulnerabilities before they can become exploited. As a dynamic testing tool, web scanners are not language-dependent. A web application scanner is able to scan engine-driven web applications. Attackers use the same tools, so if the tools can find a vulnerability, so can attackers.


Weaknesses

While scanning with a DAST tool, data may be overwritten or malicious payloads injected into the subject site. Sites should be scanned in a production-like but non-production environment to ensure accurate results while protecting the data in the production environment. Because the tool is implementing a dynamic testing method, it cannot cover 100% of the source code of the application and then, the application itself. The penetration tester should look at the coverage of the web application or of its
attack surface The attack surface of a software environment is the sum of the different points (for " attack vectors") where an unauthorized user (the "attacker") can try to enter data to, extract data, control a device or critical software in an environment. Ke ...
to know if the tool was configured correctly or was able to understand the web application. The tool cannot implement all variants of attacks for a given vulnerability. So the tools generally have a predefined list of attacks and do not generate the attack payloads depending on the tested web application. Some tools are also quite limited in their understanding of the behavior of applications with dynamic content such as
JavaScript JavaScript (), often abbreviated as JS, is a programming language and core technology of the World Wide Web, alongside HTML and CSS. Ninety-nine percent of websites use JavaScript on the client side for webpage behavior. Web browsers have ...
and
Flash Flash, flashes, or FLASH may refer to: Arts, entertainment, and media Fictional aliases * The Flash, several DC Comics superheroes with super speed: ** Flash (Jay Garrick) ** Barry Allen ** Wally West, the first Kid Flash and third adult Flash ...
.


See also

*
Security testing Security testing is a process intended to detect flaws in the security mechanisms of an information system and as such help enable it to protect data and maintain functionality as intended. Due to the logical limitations of security testing, pass ...
*
Static application security testing Static may refer to: Places *Static Nunatak, in Antarctica *Static, Kentucky and Tennessee, U.S. *Static Peak, a mountain in Wyoming, U.S. **Static Peak Divide, a mountain pass near the peak Science and technology Physics *Static electricity, a n ...
*
Interactive application security testing Interactive application security testing (abbreviated as IAST) is a security testing method that detects software vulnerabilities by interaction with the program coupled with observation and sensors. The tool was launched by several application sec ...


References


External links


Web Application Security Scanner Evaluation Criteria
from th
Web Application Security Consortium
(WASC)
Web Application Scanners
operated by the
NIST The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into physical s ...

Challenges faced by automated web application security assessment
from Robert Auger
The WASC security scanner list
{{DEFAULTSORT:Web Application Security Scanner Security testing Dynamic program analysis