Abstract
The article describes the investigation process of the possibilities of XSS–attacks, and the development of counteraction means to these attacks. Researches were determined whether XSS–attack can be fulfilled successfully, and vulnerability detection methods can be applied; were developed the logical and structural diagrams of XSS–vulnerability detection program; were realized program implementation (software) of algorithms for detecting XSS–vulnerabilities on the Web – sites. The software implementation is Web extension for the Google Chrome browser. Main purpose of implementing this software is to confirm or deny the presence of XSS–vulnerabilities on the site, and to counteract the possible attack.
Highlights
Today, the informatization is one of the priority directions for the development of all economic sectors
The huge volume of compromised personal data and payment information, and the high percentage of leaks of these types of data, indicates the growing value of personal information in digital form from year to year. This applies to personal data of individual citizens, and to information about individuals – representatives of counterparty organizations, which personal information is accumulated in the client databases of the commercial companies
Structure of the performed functions [13]: 1) Automatic site check for reflected XSS–attacks; 2) Automatic information saving about the site being checked in the database, where all data about XSS–attacks is located; 3) Notifying the user about the XS–attack conducting; 4) Automatic comparison of the site being checked with sites located in the database, and output of comparison results
Summary
The informatization is one of the priority directions for the development of all economic sectors. Purpose of investigation is creation of program application for Google Chrome browser, of automated system for testing Web – pages for XSS vulnerabilities, with understandable intuitively interface, easy configuration and high percentage of vulnerability detection.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
