1. OPUS
  2. Universität Stuttgart
  3. 05 Fakultät Informatik, Elektrotechnik und Informationstechnik
Bitte benutzen Sie diese Kennung, um auf die Ressource zu verweisen: http://dx.doi.org/10.18419/opus-10617
Langanzeige der Metadaten
DC ElementWertSprache
dc.contributor.authorLis, Alexander-
dc.date.accessioned2019-11-14T08:51:27Z-
dc.date.available2019-11-14T08:51:27Z-
dc.date.issued2019de
dc.identifier.other1682265447-
dc.identifier.urihttp://nbn-resolving.de/urn:nbn:de:bsz:93-opus-ds-106347de
dc.identifier.urihttp://elib.uni-stuttgart.de/handle/11682/10634-
dc.identifier.urihttp://dx.doi.org/10.18419/opus-10617-
dc.description.abstractWithin the last years the commercial relevance of web applications increased steadily. They developed from simple information sharing platforms to serious business applications like online-banking, e-commerce and social media platforms. Unlike most other technologies, web-based applications are accessible from around the world continuously. Additionally, they are very susceptible for vulnerabilities as there are various technologies interacting. These factors render web applications to very attractive targets for criminals because they are often easy to attack, globally accessible and yield valuable exploits. As a consequence, much effort was put into research to prevent, detect and eliminate web application vulnerabilities. However manual security audits are time-consuming, costly and demand expertknowledge. Web vulnerability scanners tackle this problem. They are programs that test web applications for the existence of vulnerabilities. Additionally they categorize and report them. Because these tools work automatically, faster as humans and reduce the necessary knowledge in network security, they became an interesting supplementation to traditional security audits. On the other side web vulnerability scanners also have their limits. They can not test for the absence of vulnerabilities and thus produce false positives or miss weaknesses. Furthermore previous research has shown that there are also vulnerability classes that are especially intricate to detect like stored SQL injections or stored cross-site scripting vulnerabilities. Nonetheless web vulnerability scanners show very much potential and there is a growing interest into automatic web application testing. This is reflected in the increasing diversity of commercial web vulnerability scanners that can be found online. Thus this thesis compares and examines three web vulnerability scanners, namely Acunetix, Arachni and w3af. Focus is set on delineating the current capabilities and limits of state-of-the-art vulnerability scanners.en
dc.language.isoende
dc.rightsinfo:eu-repo/semantics/openAccessde
dc.subject.ddc004de
dc.titleComparison and analysis of web vulnerability scannersen
dc.typebachelorThesisde
ubs.fakultaetInformatik, Elektrotechnik und Informationstechnikde
ubs.institutInstitut für Informationssicherheitde
ubs.publikation.seiten43de
ubs.publikation.typAbschlussarbeit (Bachelor)de
Enthalten in den Sammlungen:05 Fakultät Informatik, Elektrotechnik und Informationstechnik

Dateien zu dieser Ressource:
Datei Beschreibung GrößeFormat 
bachelorthesis_alexander_lis.pdf456,08 kBAdobe PDFÖffnen/Anzeigen
Zur Kurzanzeige


Alle Ressourcen in diesem Repositorium sind urheberrechtlich geschützt.