{"title":"增强Burp套件的机器学习扩展,用于Web应用程序的漏洞评估","authors":"Rrezearta Thaqi, Kamer Vishi, Blerim Rexha","doi":"10.1080/19361610.2022.2096387","DOIUrl":null,"url":null,"abstract":"Abstract Today’s web represents the most extensive engineered system ever created by humankind. Web security is critical to web application providers and end-users. Burp Suite is established as a state-of-the-art and fully featured set of tools for web vulnerability scanners. This paper presents a novel approach using state of the art Machine Learning algorithms applied to the Burp Suite extension. These algorithms were used to scan for: SQL injection, Cross-Site Request Forgery, and XML External Entity vulnerabilities in university web applications. The results show that the best algorithm is Long Short-Term Memory and that the targeted website is safe to use.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":null,"pages":null},"PeriodicalIF":1.1000,"publicationDate":"2022-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Enhancing Burp Suite with Machine Learning Extension for Vulnerability Assessment of Web Applications\",\"authors\":\"Rrezearta Thaqi, Kamer Vishi, Blerim Rexha\",\"doi\":\"10.1080/19361610.2022.2096387\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Abstract Today’s web represents the most extensive engineered system ever created by humankind. Web security is critical to web application providers and end-users. Burp Suite is established as a state-of-the-art and fully featured set of tools for web vulnerability scanners. This paper presents a novel approach using state of the art Machine Learning algorithms applied to the Burp Suite extension. These algorithms were used to scan for: SQL injection, Cross-Site Request Forgery, and XML External Entity vulnerabilities in university web applications. The results show that the best algorithm is Long Short-Term Memory and that the targeted website is safe to use.\",\"PeriodicalId\":44585,\"journal\":{\"name\":\"Journal of Applied Security Research\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":1.1000,\"publicationDate\":\"2022-07-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Applied Security Research\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1080/19361610.2022.2096387\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"CRIMINOLOGY & PENOLOGY\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Applied Security Research","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/19361610.2022.2096387","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"CRIMINOLOGY & PENOLOGY","Score":null,"Total":0}
Enhancing Burp Suite with Machine Learning Extension for Vulnerability Assessment of Web Applications
Abstract Today’s web represents the most extensive engineered system ever created by humankind. Web security is critical to web application providers and end-users. Burp Suite is established as a state-of-the-art and fully featured set of tools for web vulnerability scanners. This paper presents a novel approach using state of the art Machine Learning algorithms applied to the Burp Suite extension. These algorithms were used to scan for: SQL injection, Cross-Site Request Forgery, and XML External Entity vulnerabilities in university web applications. The results show that the best algorithm is Long Short-Term Memory and that the targeted website is safe to use.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
