Saved in:
Bibliographic Details
Main Authors: Olivares-Naya, María, de Gracia, Jacobo Casado, Sánchez-Macián, Alfonso
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2410.12422
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866929546394075136
author Olivares-Naya, María
de Gracia, Jacobo Casado
Sánchez-Macián, Alfonso
author_facet Olivares-Naya, María
de Gracia, Jacobo Casado
Sánchez-Macián, Alfonso
contents Web application pentesting is a crucial component in the offensive cybersecurity area, whose aim is to safeguard web applications and web services as the majority of the web applications are mounted in publicly accessible web environments. This method requires that the cybersecurity experts pretend and act as real attackers to identify all the errors and vulnerabilities in web applications with the objective of preventing and reducing damages. As this process may be quite complex and the amount of information pentesters need may be big, being able to automate it will help them to easily discover the vulnerabilities given. This project is the direct continuation of the previous initiative called PThelper: An open source tool to support the Penetration Testing process. This continuation is focused on expanding PThelper with the functionality to detect and later report web vulnerabilities in order to address emerging threats and strengthen the ability of the organizations to protect their web applications against potential cyber-attacks.
format Preprint
id arxiv_https___arxiv_org_abs_2410_12422
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Adding web pentesting functionality to PTHelper
Olivares-Naya, María
de Gracia, Jacobo Casado
Sánchez-Macián, Alfonso
Cryptography and Security
Web application pentesting is a crucial component in the offensive cybersecurity area, whose aim is to safeguard web applications and web services as the majority of the web applications are mounted in publicly accessible web environments. This method requires that the cybersecurity experts pretend and act as real attackers to identify all the errors and vulnerabilities in web applications with the objective of preventing and reducing damages. As this process may be quite complex and the amount of information pentesters need may be big, being able to automate it will help them to easily discover the vulnerabilities given. This project is the direct continuation of the previous initiative called PThelper: An open source tool to support the Penetration Testing process. This continuation is focused on expanding PThelper with the functionality to detect and later report web vulnerabilities in order to address emerging threats and strengthen the ability of the organizations to protect their web applications against potential cyber-attacks.
title Adding web pentesting functionality to PTHelper
topic Cryptography and Security
url https://arxiv.org/abs/2410.12422