CRAXweb: Automatic Web Application Testing and Attack Generation
暂无分享,去创建一个
Huan Liu | Shih-Kun Huang | Han-Lin Lu | Wai-Meng Leong | Shih-Kun Huang | Han-Lin Lu | Wai-Meng Leong | Huan Liu
[1] Michael D. Ernst,et al. Automatic creation of SQL Injection and cross-site scripting attacks , 2009, 2009 IEEE 31st International Conference on Software Engineering.
[2] Richard J. Enbody,et al. Towards an automatic exploit pipeline , 2011, 2011 International Conference for Internet Technology and Secured Transactions.
[3] Dawson R. Engler,et al. KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs , 2008, OSDI.
[4] Avik Chaudhuri,et al. Symbolic security analysis of ruby-on-rails web applications , 2010, CCS '10.
[5] Michael Bächle,et al. Ruby on Rails , 2006, Softwaretechnik-Trends.
[6] Vikram S. Adve,et al. LLVM: a compilation framework for lifelong program analysis & transformation , 2004, International Symposium on Code Generation and Optimization, 2004. CGO 2004..
[7] Steve Hanna,et al. A Symbolic Execution Framework for JavaScript , 2010, 2010 IEEE Symposium on Security and Privacy.
[8] Aaron Stump,et al. SMT-COMP: Satisfiability Modulo Theories Competition , 2005, CAV.
[9] Fabrice Bellard,et al. QEMU, a Fast and Portable Dynamic Translator , 2005, USENIX Annual Technical Conference, FREENIX Track.
[10] David Brumley,et al. All You Ever Wanted to Know about Dynamic Taint Analysis and Forward Symbolic Execution (but Might Have Been Afraid to Ask) , 2010, 2010 IEEE Symposium on Security and Privacy.
[11] V. N. Venkatakrishnan,et al. WAPTEC: whitebox analysis of web applications for parameter tampering exploit construction , 2011, CCS '11.
[12] Vitaly Chipounov,et al. Selective Symbolic Execution , 2009 .
[13] David L. Dill,et al. A Decision Procedure for Bit-Vectors and Arrays , 2007, CAV.
[14] Xiang Fu,et al. SAFELI: SQL injection scanner using symbolic execution , 2008, TAV-WEB '08.
[15] Wesley J. Chun,et al. Python Web Development with Django , 2008 .
[16] Monica S. Lam,et al. Automatic Generation of XSS and SQL Injection Attacks with Goal-Directed Model Checking , 2008, USENIX Security Symposium.
[17] James C. King,et al. Symbolic execution and program testing , 1976, CACM.
[18] Frank Tip,et al. Finding bugs in dynamic web applications , 2008, ISSTA '08.