专利检索 ap:("Marco PISTOIA" OR "Omer Tripp" OR "Omri Weisman") AND inv:"Omri Weisman" 第 5 页

41.

发明申请
TARGETED SECURITY TESTING 有权

公开(公告)号：US20130174262A1

公开(公告)日：2013-07-04

申请号：US13431808

申请日：2012-03-27

申请人： Yair Amit , Lotem Guy , Daniel Kalman , Ori Segal , Omri Weisman

发明人： Yair Amit , Lotem Guy , Daniel Kalman , Ori Segal , Omri Weisman

IPC分类号： G06F21/00 , G06F17/00

CPC分类号： G06F21/577 , G06F2221/033

摘要： Source code of a plurality of web pages including script code is statically analyzed. A page including a potential vulnerability is identified based on the static analysis. A page not including a potential vulnerability is identified based on the static analysis. The web page including the potential vulnerability is dynamically analyzed using a set of test payloads. The page not including the potential vulnerability is dynamically analyzed using a subset of the set of test payloads, the subset including fewer test payloads than the set of test payloads.

42.

发明授权
Browser based method of assessing web application vulnerability 有权
标题翻译：基于浏览器的Web应用漏洞评估方法

公开(公告)号：US09264443B2

公开(公告)日：2016-02-16

申请号：US12197461

申请日：2008-08-25

申请人： Omri Weisman

发明人： Omri Weisman

IPC分类号： G06F21/00 , H04L29/06 , G06F21/57

CPC分类号： H04L63/1433 , G06F21/577

摘要： A novel and useful mechanism and method for assessing the vulnerability of web applications while browsing the application. As a user interacts with the web application, HTTP requests are sent from the browser to the web server. Each HTTP request is analyzed to determine if its associated elements need testing. Vulnerability assessment tests are sent to the server. Test results are then returned to the browser, where they are analyzed, displayed and/or stored in a log file.

摘要翻译： 一种新颖有用的机制和方法，用于在浏览应用程序时评估Web应用程序的漏洞。当用户与Web应用程序交互时，HTTP请求将从浏览器发送到Web服务器。分析每个HTTP请求以确定其相关元素是否需要测试。漏洞评估测试发送到服务器。然后将测试结果返回到浏览器，将其分析，显示和/或存储在日志文件中。

43.

发明授权
Targeted security testing 有权

公开(公告)号：US09971897B2

公开(公告)日：2018-05-15

申请号：US13431808

申请日：2012-03-27

申请人： Yair Amit , Lotem Guy , Daniel Kalman , Ori Segal , Omri Weisman

发明人： Yair Amit , Lotem Guy , Daniel Kalman , Ori Segal , Omri Weisman

IPC分类号： G06F21/00 , G06F21/57

CPC分类号： G06F21/577 , G06F2221/033

摘要： Source code of a plurality of web pages including script code is statically analyzed. A page including a potential vulnerability is identified based on the static analysis. A page not including a potential vulnerability is identified based on the static analysis. The web page including the potential vulnerability is dynamically analyzed using a set of test payloads. The page not including the potential vulnerability is dynamically analyzed using a subset of the set of test payloads, the subset including fewer test payloads than the set of test payloads.