Abstract

Second-order vulnerabilities are more subtle and more destructive than the first-order vulnerabilities. After researching and analyzing the principles of web penetration testing and second-order attack principles, this paper proposes a method to detect web second-order security vulnerabilities. The method detects web second-order security vulnerabilities through two crawl scans. It crawls the website URL for the first time, sends anchor points, crawls URLs of the storage anchor point for the second time, and detects second-order web security vulnerabilities specifically for these suspicious URLs. The approach greatly reduces the time complexity of detecting second-order web security vulnerabilities and makes up for the lack of methods to detect web security second-order vulnerabilities.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
A Survey on Web Application Penetration Testing
Esra Abdullatif Altulaihan ... Abrar Alismail
Electronics | VOL. 12
Esra Abdullatif Altulaihan, et. al.Esra Abdullatif Altulaihan ... Abrar Alismail
04 Mar 2023
Security Issues and Vulnerabilities in Web Application
Sitara Anumotu ... Pronika Chawla
-
Sitara Anumotu, et. al.Sitara Anumotu ... Pronika Chawla
27 Sep 2022
Deep Analysis of Attacks and Vulnerabilities of Web Security
Naresh Chillur ... Sagar Patel
-
Naresh Chillur, et. al.Naresh Chillur ... Sagar Patel
01 Jan 2021
Addressing Web Application Security Issues and Vulnerabilities Assessment Pen Testing
Matthi Naveen* ... Dr Pragnyaban Mishra
International Journal of Recent Technology and Engineering (IJRTE) | VOL. 8
Matthi Naveen*, et. al.Matthi Naveen* ... Dr Pragnyaban Mishra
30 Mar 2020
View more papers

More From: IEEE access : practical innovations, open solutions

Paper Title
Journal
Date
Author
Self-Supervised Real-World Image Denoising Based on Multi-Scale Feature Enhancement and Attention Fusion
Hailiang Tang ... Ke Zhao
IEEE access : practical innovations, open solutions | VOL. 12
Hailiang Tang, et. al.Hailiang Tang ... Ke Zhao
01 Jan 2024
Efficient Power Control and Resource Allocation for LTE-D2D Communication: A Multi-Objective Optimization Approach
Faisal Hussain ... Muhammad Mahbub Alam
IEEE access : practical innovations, open solutions | VOL. 12
Faisal Hussain, et. al.Faisal Hussain ... Muhammad Mahbub Alam
01 Jan 2024
Korean Sign Language Alphabet Recognition Through the Integration of Handcrafted and Deep Learning-Based Two-Stream Feature Extraction Approach
Jungpil Shin ... Koki Hirooka
IEEE access : practical innovations, open solutions | VOL. 12
Jungpil Shin, et. al.Jungpil Shin ... Koki Hirooka
01 Jan 2024
Joint Learning of Spectral Clustering and Low-Rank Representation Based on Precise Segmentation Cost for Cancer Subtype Identification
Yanming Cao ... Zeyuan Wang
IEEE access : practical innovations, open solutions | VOL. 12
Yanming Cao, et. al.Yanming Cao ... Zeyuan Wang
01 Jan 2024
View more papers