Skip to main content
SpringerLink
Log in

Analyzing the traffic of penetration testing tools with an IDS

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Many papers have been published comparing the accuracy of automated tools in looking for vulnerabilities in web applications. In those previous studies the researchers analyze vulnerable web applications with pentesting tools and then the reports that automated tools generate are compared to each other. The aim of this work is not only to know the detection capabilities of tools, but also to know what tests are performed, which vulnerabilities they try to detect and which really has the web application. This way it can be known whether the tests carried out by automated tools are efficient and meet two important aspects of the analysis tools: the automated tool has to try to detect all vulnerabilities in the web applications if it has a feature to do it; and also they have to report all vulnerabilities that they detect.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Sagala A, Manurung E (2015) Testing and comparing result scanning using web vulnerability scanner. Adv Sci Lett 21(11):3458–3462

    Article  Google Scholar 

  2. Nidhra S, Dondeti J (2012) Blackbox and whitebox testing techniques—a literature review. Int J Embed Syst Appl (IJESA) 2(2):29–50

    Google Scholar 

  3. Makino Y, Klyuev V (2015) Evaluation of web vulnerability scanners. In: Proceedings of the IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), vol 1, Warsaw, PL, pp 399–402

  4. Bau J, Bursztein E, Gupta D, Mitchell J (2010) State of the art: automated black-box web application vulnerability testing. In: Proceedings of the 2010 IEEE Symposium on Security and Privacy, SP ’10, IEEE Computer Society, Washington, DC, USA, pp 332–345

  5. Baral P (2011) Web application scanners: a review of related articles. IEEE Potentials 30(2):10–14

    Article  Google Scholar 

  6. The Open Web Application Security Project OWASP (2016) OWASP Zed Attack Proxy Project. https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project. Accessed 29 April 2016

  7. Google (2016) Google Code—Skipfish. https://code.google.com/archive/p/skipfish/. Accessed 22 March 2016

  8. RandomStorm (2016) Damn Vulnerable Web Application (DVWA). http://www.dvwa.co.uk. Accessed 22 March 2016

  9. Google (2016) Google Code—WAVSEP. https://code.google.com/archive/p/wavsep/. Accessed 29 April 2016

  10. Saeed FA (2014) Using WASSEC to analysis and evaluate open source web application security scanners. Int J Comput Sci Netw 3(2):43–49

    Google Scholar 

  11. Web Application Security Consortium (2016) Web application security scanner evaluation criteria WASSEC. http://goo.gl/aePtyC. Accessed 22 March 2016

  12. W3af (2016) W3af—open source web application security scanner. http://w3af.org. Accessed 29 April 2016

  13. Saeed FA (2014) Using WASSEC to evaluate commercial web application security scanners. Int J Soft Comput Eng (IJSCE) 4(1):177–181

    MathSciNet  Google Scholar 

  14. Acunetix (2015) Web vulnerability scanner v10 product manual. Product Manual, Acunetix

  15. Khoury N, Zavarsky P, Lindskog D, Ruhl R (2011) An analysis of black-box web application security scanners against stored SQL injection. In: Proceedings of the IEEE Third International Conference on Privacy, Security, Risk and Trust (PASSAT) and IEEE Third Inernational Conference on Social Computing (SocialCom), Boston, MA, pp 1095–1101

  16. Daud NI, Bakar KAA, Hasan MSMd (2014) A case study on web application vulnerability scanning tools. In: Proceedings of the Conference of Science and Information (SAI), IEEE, pp 595–600

  17. Suteva N, Zlatkovski D, Mileva A (2013) Evaluation and testing of several free/open source web vulnerability scanners. In: Proceedings of the 10th Conference for Informatics and Information Technology (CIIT 2013), Bitola, MK, pp 221–224

  18. (2016) Snort—Network Intrusion Detection and Prevention System. https://www.snort.org/. Accessed 29 April 2016

  19. Alnabulsi H, Islam Md.R, Mamun Q (2014) Detecting SQL injection attacks using SNORT IDS. In: Proceedings of the 2014 Asia-Pacific World Congress on Computer Science and Engineering (APWC on CSE), IEEE, pp 1–7

  20. Dabbour M, Alsmadi I, Alsukhni E (2013) Efficient assessment and evaluation for websites vulnerabilities using SNORT. Int J Secur Appl 7(1)

  21. HP (2015) HP WebInsPect. Product Manual, HP

  22. Arachni (2016) ARACHNI web application security scanner framework. http://www.arachni-scanner.com. Accessed 29 April 2016

  23. The Open Web Application Security Project OWASP (2013) OWASP Top 10—2013 the ten most critical web application security risks. Release, the open web application security project OWASP

  24. Firns I (2016) Dedicated Spooler for Snort’s Unified2 Binary Output Format. https://github.com/firnsy/barnyard2. Accessed 29 April 2016

  25. Willis Webber D (2016) Ruby on rails application for network security monitoring. https://github.com/Snorby/snorby. Accessed 29 April 2016

  26. Doupé A, Cova M, Vigna G (2010) Detection of intrusions and malware, and vulnerability assessment. In: Kreibich C, Jahnke M (eds), Proceedings of the 7th International Conference (DIMVA 2010), Bonn, Germany, pp 111–131

  27. Doupé A (2016) WackoPicko vulnerable website. https://github.com/adamdoupe/WackoPicko. Accessed 22 March 2016

  28. Network Statistics Gatherer (2016) https://unix4lyfe.org/darkstat/. Accessed 29 April 2016

Download references

Acknowledgements

This work was funded by the European Commission Horizon 2020 Programme under Grant Agreement Number H2020-FCT-2015/700326-RAMSES (Internet Forensic Platform for Tracking the Money Flow of Financially-Motivated Malware).

Author information

Authors and Affiliations

  1. Group of Analysis, Security and Systems (GASS), Department of Software Engineering and Artificial Intelligence (DISIA), Faculty of Computer Science and Engineering, Office 431, Universidad Complutense de Madrid (UCM), Calle Profesor José García Santesmases, 9, Ciudad Universitaria, 28040, Madrid, Spain

    Fernando Román Muñoz, Esteban Alejandro Armas Vega & Luis Javier García Villalba

Authors
  1. Fernando Román Muñoz
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Esteban Alejandro Armas Vega
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Luis Javier García Villalba
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Luis Javier García Villalba.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Muñoz, F.R., Armas Vega, E.A. & Villalba, L.J.G. Analyzing the traffic of penetration testing tools with an IDS. J Supercomput 74, 6454–6469 (2018). https://doi.org/10.1007/s11227-016-1920-7

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-016-1920-7

Keywords

Search

Navigation