Přístupnostní navigace
E-přihláška
Vyhledávání Vyhledat Zavřít
Detail publikace
LAZAROV, W. MARTINÁSEK, Z.
Originální název
Efficient Web Application Mapping During the Reconnaissance Phase of Penetration Testing
Typ
článek ve sborníku ve WoS nebo Scopus
Jazyk
angličtina
Originální abstrakt
This paper presents the ptwebdiscover, an advanced tool designed for web application mapping in the reconnaissance phase of penetration testing. Unlike most available tools, it operates using multiple threads, boasts modularity, and enhances testing capabilities. Notable features include the implementation of a brute force method for searching shorter file names and the ability to mark specific locations in tested URLs for string insertion. The paper provides comprehensive details about the tool's multi-threaded implementation, intelligent backup searches, and comparisons with other web application penetration testing tools. Furthermore, ptwebdiscover has been seamlessly integrated into the Penterep platform, providing a significant advantage during manual web application penetration testing.
Klíčová slova
Penterep; ptwebdiscover; penetration testing; OWASP; web application
Autoři
LAZAROV, W.; MARTINÁSEK, Z.
Vydáno
5. 12. 2023
Nakladatel
IEEE
Místo
Ghent, Belgium
ISBN
979-8-3503-9328-6
Kniha
2023 15th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)
Strany od
146
Strany do
151
Strany počet
6
URL
https://ieeexplore.ieee.org/document/10333274
BibTex
@inproceedings{BUT185696, author="Willi {Lazarov} and Zdeněk {Martinásek}", title="Efficient Web Application Mapping During the Reconnaissance Phase of Penetration Testing", booktitle="2023 15th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)", year="2023", pages="146--151", publisher="IEEE", address="Ghent, Belgium", doi="10.1109/ICUMT61075.2023.10333274", isbn="979-8-3503-9328-6", url="https://ieeexplore.ieee.org/document/10333274" }