An Investigation into the Differences Between Web Application Scanning Tools when Scanning for XSS and SQLi

Presented at AppSec USA 2017, Sept. 21, 2017, 10:30 a.m. (45 minutes)

Web Application Vulnerability Scanners are becoming increasingly automated and are facing more difficulties as web technologies change and evolve. As is evident from the October 2015 "TalkTalk hack", where a 16-year-old boy performed an easily exploitable SQL Injection attack which resulted in TalkTalk losing £60 million and where 157,000 customers had their details stolen, the effects of having insecure Web Applications can be utterly disastrous. Web Application Scanning tools are used by Penetration Testers and Security folk alike in order to help identify vulnerabilities in a given web app. They come in many different forms and some cost a significant sum. Scanners attempt to identify dangerous vulnerabilities like Cross Site Scripting (XSS) and SQL Injection among many others, and these tools must be constantly improved and enhanced in order to keep up not only with the latest malicious attacker techniques but also with contemporary development frameworks.

For example, architectural changes and features such as Anti-CSRF tokens, recursive links and dynamically generated JavaScript URLs have a massive impact on a scanner's ability to effectively identify, crawl, scan and analyse a target web application for vulnerabilities.

This presentation addresses the problems that current web application scanners face in dealing with both traditional and contemporary web architectures and technologies. It suggests improvements and identifies pitfalls of using automation without applying intelligence and a contextual view of the target being assessed.

Presenters:

  • Robert Feeney - SecOps Lead - Edgescan
    Robert is currently the Operations Lead for the edgescan™ managed service. His main responsibility is ensuring the high technical quality of the service and managing a team of security analysts from a technical excellence standpoint. Rob is an experienced security consultant and has delivered hundreds of technical security assessments and penetration tests across many industry verticals. He holds a BSc in Computing and has just completed his MSc in Cyber Security and Digital Forensics. He is also a member of OWASP Dublin, Ireland.
