SOLUTIONS FOR AUTO-TESTING AND AUTO-WARNING WEBSITE ERRORS BASED ON THE RESULTS OF THE WEBSITE ERROR SCANNING TOOLS

Phạm Duy Lộc; Phan Thị Thanh Nga

doi:10.37569/DalatUniversity.6.2.42(2016)

Tạp chí Khoa học Đại học Đà Lạt (Jun 2016)

SOLUTIONS FOR AUTO-TESTING AND AUTO-WARNING WEBSITE ERRORS BASED ON THE RESULTS OF THE WEBSITE ERROR SCANNING TOOLS

Phạm Duy Lộc,
Phan Thị Thanh Nga

Affiliations

Phạm Duy Lộc: Khoa Công nghệ Thông tin, Trường Đại học Đà Lạt
Phan Thị Thanh Nga: Khoa Công nghệ Thông tin, Trường Đại học Đà Lạt

DOI: https://doi.org/10.37569/DalatUniversity.6.2.42(2016)
Journal volume & issue: Vol. 6, no. 2

Abstract

Read online

Nowadays, there are commercial and free tools to automatically test websites’ security which is considered to be the positive point for pen-tester. In contrast, these tools might also produce false alerts. To minimize these false alerts, it is necessary to develop a tool which helps pen-tester verify alerts manually or automatically with cross-checking results collected from many pen-test tools. We name this tool PAT (Pen-Test Assistance Tool). PAT is able to save experiences from previous successful checking for future check. PAT also can check vulnerabilities automatically based on report of pen-test tools and warn website errors to web-masters automatically via email. In the first version of PAT, we focus on SQL Injection vulnerabilities in ASP.NET websites.

Published in Tạp chí Khoa học Đại học Đà Lạt

ISSN: 0866-787X (Online)
Publisher: Dalat University
Country of publisher: Viet Nam
LCC subjects: General Works
Website: http://tckh.dlu.edu.vn

About the journal

Abstract

Keywords