Improving security scanning with GlassBox via code parts bypass

IP.com Disclosure Number: IPCOM000197672D
Publication Date: 2010-Jul-19

Publishing Venue

The IP.com Prior Art Database

Abstract

Many web-applications use various techniques, such as CAPTCHA, to cripple malicious automated clients that aim to degrade the application's quality of service. However, as a by-product, these countermeasures also cripple automated vulnerability scanners, rendering their coverage capabilities ineffective. Our solution identifies the crippling code parts and then dynamically bypasses them in a way that does not affect the application's logic. This ultimately allows black-box scanners to fluently scan web-applications that contain anti-automation measures.