Penetration Testing for Web Services
Authors
Abstract
Web services are often deployed with critical software security faults that open them to malicious attack. Penetration testing using commercially available automated tools can help avoid such faults, but new analysis of several popular testing tools reveals significant failings in their performance.Issue No.02 - Feb. (2014 vol.47)
pp: 30-36
Keywords
Web security scanners, Web services, code vulnerabilities, penetration testing, vulnerability detectionSubject
security testingJournal
IEEE Computer, Vol. 47, pp. 30-36, IEEE, February 2014DOI
Cited by
Year 2015 : 2 citations
T. Aghariya, “Security Testing on Web Application,” MSc Thesis, Charles Darwin University, Darwin, 2015.
T. Fertig and P. Braun, “Model-driven Testing of RESTful APIs,” in Proceedings of the 24th International Conference on World Wide Web Companion, Republic and Canton of Geneva, Switzerland, 2015, pp. 1497–1502.
Year 2014 : 3 citations
C. T. Phong and W. Q. Yan, “An Overview of Penetration Testing,” International Journal of Digital Crime and Forensics (IJDCF), vol. 6, no. 4, pp. 50–74, 2014.
T. P. Chiem, “A study of penetration testing tools and approaches,” MSc Thesis, Auckland University of Technology, Auckland, New Zealand, 2014.
I. Mukhopadhyay, “Web Penetration Testing using Nessus and Metasploit Tool,” IOSR Journal of Computer Engineering (IOSR-JCE), vol. 16, no. 3, pp. 126–129, 2014.