Abstract
A full scan is performed in response to receiving a request to perform a full scan. The full scan generates a plurality of findings. Each finding includes a URL, the security vulnerability of the URL, the fuzzy payload(s) used to interact with the URL, the algorithm of the vulnerability detector used to identify the security vulnerability, and a current status. A finding is verified using its URL, fuzzy payload(s), and algorithm, and its current status is updated based on the results of the verification. A quick scan is performed on a subset of URLs. The subset includes vulnerable URLs associated with the plurality of findings or URLs used in a previous full scan. Based on the quick scan, either a new finding is added to the plurality of findings or the current status of a finding of the plurality of findings is updated.
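The finding record, verification step and quick scan described above, as an added sketch that is not code from the disclosure. The status values `OPEN`/`FIXED`, the `reflected_marker` detector, the `probes` mapping, the `send` callable, the URLs and the marker payload are all assumptions constructed for illustration; the target is simulated in-process so nothing touches a network.

```python
from dataclasses import dataclass
from typing import Tuple

@dataclass
class Finding:
    # Fields listed in the abstract; status values are assumed.
    url: str
    vulnerability: str
    payloads: Tuple[str, ...]
    algorithm: str            # key into DETECTORS
    status: str = "OPEN"

def reflected_marker(url, payloads, send):
    """Constructed detector: reproduces if a response echoes a payload verbatim."""
    return any(p in send(url, p) for p in payloads)

DETECTORS = {"reflected_marker": reflected_marker}

def verify(finding, send):
    """Replay only the stored URL, payloads and algorithm, then update the status."""
    reproduced = DETECTORS[finding.algorithm](finding.url, finding.payloads, send)
    finding.status = "OPEN" if reproduced else "FIXED"
    return finding.status

def quick_scan(findings, urls, probes, send):
    """Scan a subset of URLs; add new findings or update existing statuses."""
    index = {(f.url, f.vulnerability): f for f in findings}
    for url in urls:
        for vuln, (algorithm, payloads) in probes.items():
            hit = DETECTORS[algorithm](url, payloads, send)
            existing = index.get((url, vuln))
            if existing is not None:
                existing.status = "OPEN" if hit else "FIXED"
            elif hit:
                index[(url, vuln)] = Finding(url, vuln, payloads, algorithm)
                findings.append(index[(url, vuln)])
    return findings

def make_target(echoing_urls):
    """Constructed stand-in for the application under test (no network)."""
    def send(url, payload):
        return f"<p>{payload}</p>" if url in echoing_urls else "<p>ok</p>"
    return send

if __name__ == "__main__":
    f = Finding("https://app.example/search", "reflected-input",
                ("zz-marker-7f3",), "reflected_marker")
    print(verify(f, make_target({f.url})))   # still reproduces
    print(verify(f, make_target(set())))     # no longer reproduces
```

Verification costs one detector run per stored finding, and the quick scan costs one run per (URL, probe) pair in the subset, which is where the time saving over a full scan comes from.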
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Recommended Citation
Bhatnagar, Yash and M., Athira, "Web Security Scanner with Accelerate Detection and Verification of Vulnerabilities", Technical Disclosure Commons, (December 03, 2024)
https://www.tdcommons.org/dpubs_series/7611