公开(公告)号：US20130111595A1

公开(公告)日：2013-05-02

申请号：US13447904

申请日：2012-04-16

申请人： YAIR AMIT ,  YINNON A. HAVIV ,  DANIEL KALMAN ,  OMER TRIPP ,  OMRI WEISMAN

发明人： YAIR AMIT ,  YINNON A. HAVIV ,  DANIEL KALMAN ,  OMER TRIPP ,  OMRI WEISMAN

IPC分类号： G06F21/00

CPC分类号： G06F21/566 ,  G06F21/52 ,  G06F21/577

摘要： Testing a Web-based application for security vulnerabilities. At least one client request including a payload having a unique identifier can be communicated to the Web-based application. Response HTML and an associated Document Object Model (DOM) object can be received from the Web-based application. Content corresponding to the payload can be identified in the DOM object via the unique identifier. A section of the DOM object including the payload can be identified as un-trusted.

摘要翻译： 测试基于Web的应用程序的安全漏洞。 包括具有唯一标识符的有效载荷的至少一个客户端请求可以被传送到基于Web的应用。 可以从基于Web的应用程序接收响应HTML和关联的文档对象模型（DOM）对象。 可以通过唯一标识符在DOM对象中识别与有效载荷相对应的内容。 包括有效载荷的DOM对象的一部分可以被识别为不可信。

公开(公告)号：US20130111594A1

公开(公告)日：2013-05-02

申请号：US13283989

申请日：2011-10-28

申请人： YAIR AMIT ,  YINNON A. HAVIV ,  DANIEL KALMAN ,  OMER TRIPP ,  OMRI WEISMAN

发明人： YAIR AMIT ,  YINNON A. HAVIV ,  DANIEL KALMAN ,  OMER TRIPP ,  OMRI WEISMAN

IPC分类号： G06F21/00 ,  G06F11/30

CPC分类号： G06F21/566 ,  G06F21/52 ,  G06F21/577

摘要： Testing a Web-based application for security vulnerabilities. At least one client request including a payload having a unique identifier can be communicated to the Web-based application. Response HTML and an associated Document Object Model (DOM) object can be received from the Web-based application. Content corresponding to the payload can be identified in the DOM object via the unique identifier. A section of the DOM object including the payload can be identified as un-trusted.

公开(公告)号：US20130167239A1

公开(公告)日：2013-06-27

申请号：US13430002

申请日：2012-03-26

申请人： YAIR AMIT ,  EVGENY BESKROVNY ,  OMER TRIPP

发明人： YAIR AMIT ,  EVGENY BESKROVNY ,  OMER TRIPP

IPC分类号： G06F21/00

摘要： A method of detecting a vulnerability in a Web service can include determining, using a processor, whether a Web service uses identity of a requester to select one of a plurality of different paths of a branch in program code of the Web service. The method further can include, responsive to determining that the Web service does select one of a plurality of different paths of a branch according to identity of the requester, indicating that the Web service has a potential vulnerability.

摘要翻译： 检测Web服务中的漏洞的方法可以包括：使用处理器确定Web服务是否使用请求者的身份来选择Web服务的程序代码中的分支的多个不同路径中的一个。 该方法还可以包括响应于确定Web服务根据请求者的身份选择分支的多个不同路径中的一个，指示该Web服务具有潜在的漏洞。

公开(公告)号：US20130166676A1

公开(公告)日：2013-06-27

申请号：US13334718

申请日：2011-12-22

申请人： YAIR AMIT ,  ROEE HAY ,  ROI SALTZMAN ,  OMER TRIPP

发明人： YAIR AMIT ,  ROEE HAY ,  ROI SALTZMAN ,  OMER TRIPP

IPC分类号： G06F15/16

CPC分类号： G06F17/30893 ,  H04L29/08981

摘要： Identifying at least one custom parameter in a request uniform resource locator (URL). At least a first portion of source code of a Web application that typically consumes the custom parameter provided in the request URL can be identified. The Web application can be instrumented at the first portion of the source code. The Web application can receive the request URL and the Web application can be executed with the instrumented source code. At least one run-time value consumed by the second portion of the source code can be identified, and the run-time value can be compared to the request URL to determine whether the run-time value intersects with the request URL. Responsive to determining that the run-time value intersects with the request URL, the run-time value can be identified as the custom parameter. A custom parameter rule can be generated based on the comparison.

摘要翻译： 在请求统一资源定位符（URL）中标识至少一个自定义参数。 可以识别通常消耗请求URL中提供的自定义参数的Web应用的源代码的至少第一部分。 Web应用程序可以在源代码的第一部分进行检测。 Web应用程序可以接收请求URL，Web应用程序可以使用带检测的源代码执行。 可以识别由源代码的第二部分消耗的至少一个运行时值，并且可以将运行时值与请求URL进行比较，以确定运行时值是否与请求URL相交。 响应于确定运行时值与请求URL相交，运行时值可以被标识为自定义参数。 可以根据比较生成自定义参数规则。

公开(公告)号：US20130055402A1

公开(公告)日：2013-02-28

申请号：US13429993

申请日：2012-03-26

申请人： YAIR AMIT ,  ALEXANDER LANDA ,  OMER TRIPP

发明人： YAIR AMIT ,  ALEXANDER LANDA ,  OMER TRIPP

IPC分类号： G06F21/00

CPC分类号： H04L63/1433 ,  G06F21/577 ,  G06F2221/033 ,  H04L63/1441 ,  H04L63/1483

摘要： A method for detecting security vulnerabilities in web applications can include providing a payload to a web application during a first interaction with the web application at a computer server, where the payload includes a payload instruction and an identifier, detecting the identifier within the payload received during an interaction with the web application subsequent to the first interaction, and determining, responsive to detecting the identifier within the payload, whether the payload instruction underwent a security check prior to execution of the payload instruction.

摘要翻译： 用于检测web应用程序中的安全漏洞的方法可以包括在计算机服务器与网络应用程序的第一次交互期间向web应用程序提供有效载荷，其中有效载荷包括有效负载指令和标识符，检测在 在所述第一交互之后与所述web应用的交互，以及响应于在所述有效载荷内检测到所述标识符，确定所述有效载荷指令是否在执行所述有效载荷指令之前进行了安全检查。

公开(公告)号：US20130055397A1

公开(公告)日：2013-02-28

申请号：US13217418

申请日：2011-08-25

申请人： YAIR AMIT ,  ALEXANDER LANDA ,  OMER TRIPP

发明人： YAIR AMIT ,  ALEXANDER LANDA ,  OMER TRIPP

IPC分类号： G06F21/00

CPC分类号： H04L63/1433 ,  G06F21/577 ,  G06F2221/033 ,  H04L63/1441 ,  H04L63/1483

摘要： A system for detecting security vulnerabilities in web applications, the system including, a black-box tester configured to provide a payload to a web application during a first interaction with the web application at a computer server, where the payload includes a payload instruction and an identifier, and an execution engine configured to detect the identifier within the payload received during an interaction with the web application subsequent to the first interaction, and determine, responsive to detecting the identifier within the payload, whether the payload instruction underwent a security check prior to execution of the payload instruction.

摘要翻译： 一种用于检测Web应用程序中的安全漏洞的系统，该系统包括：黑盒测试器，被配置为在与计算机服务器处的web应用的第一次交互期间向web应用提供有效载荷，其中所述有效载荷包括有效载荷指令和 标识符和执行引擎，被配置为在第一交互之后与网络应用程序交互期间检测在该有效载荷内接收到的有效载荷内的标识符，并且响应于检测到有效载荷内的标识符，确定有效载荷指令是否在 执行有效载荷指令。

公开(公告)号：US20130167237A1

公开(公告)日：2013-06-27

申请号：US13335439

申请日：2011-12-22

申请人： YAIR AMIT ,  EVGENY BESKROVNY ,  OMER TRIPP

发明人： YAIR AMIT ,  EVGENY BESKROVNY ,  OMER TRIPP

IPC分类号： G06F11/00

摘要： A system for detecting a vulnerability in a Web service can include a processor configured to initiate executable operations including determining whether a Web service uses identity of a requester to select one of a plurality of different paths of a branch in program code of the Web service and, responsive to determining that the Web service does select one of a plurality of different paths of a branch according to identity of the requester, indicating that the Web service has a potential vulnerability.

摘要翻译： 用于检测Web服务中的漏洞的系统可以包括处理器，其被配置为发起可执行操作，包括确定Web服务是否使用请求者的身份来选择Web服务的程序代码中的分支的多个不同路径中的一个， 响应于确定所述Web服务根据所述请求者的身份确定选择分支的多个不同路径中的一个，指示所述Web服务具有潜在的漏洞。

公开(公告)号：US20130167124A1

公开(公告)日：2013-06-27

申请号：US13447952

申请日：2012-04-16

申请人： YAIR AMIT ,  ROEE HAY ,  ROI SALTZMAN ,  OMER TRIPP

发明人： YAIR AMIT ,  ROEE HAY ,  ROI SALTZMAN ,  OMER TRIPP

IPC分类号： G06F9/44

CPC分类号： G06F17/30893 ,  H04L29/08981

摘要： Identifying at least one custom parameter in a request uniform resource locator (URL). The method can include identifying at least a first portion of source code of a Web application that typically consumes the custom parameter provided in the request URL and, via a processor, instrumenting the Web application at the first portion of the source code. The Web application can receive the request URL and the Web application can be executed with the instrumented source code. At least one run-time value consumed by the second portion of the source code can be identified, and the run-time value can be compared to the request URL to determine whether the run-time value intersects with the request URL. Responsive to determining that the run-time value intersects with the request URL, the run-time value can be identified as the custom parameter. A custom parameter rule can be generated based on the comparison.

摘要翻译： 在请求统一资源定位符（URL）中标识至少一个自定义参数。 该方法可以包括识别Web应用程序的源代码的至少第一部分，其通常消耗在请求URL中提供的自定义参数，并且经由处理器在源代码的第一部分检验Web应用程序。 Web应用程序可以接收请求URL，Web应用程序可以使用带检测的源代码执行。 可以识别由源代码的第二部分消耗的至少一个运行时值，并且可以将运行时值与请求URL进行比较，以确定运行时值是否与请求URL相交。 响应于确定运行时值与请求URL相交，运行时值可以被标识为自定义参数。 可以根据比较生成自定义参数规则。

公开(公告)号：US20120266246A1

公开(公告)日：2012-10-18

申请号：US13085902

申请日：2011-04-13

申请人： YAIR AMIT ,  ROEE HAY ,  ROI SALTZMAN ,  ADI SHARABANI

发明人： YAIR AMIT ,  ROEE HAY ,  ROI SALTZMAN ,  ADI SHARABANI

IPC分类号： G06F21/00

CPC分类号： G06F21/52 ,  G06F21/55 ,  G06F2221/033

摘要： A build process management system can acquire data pertaining to a software build process that is currently being executed by an automated software build system. The software build process can include executable process steps, metadata, and/or environmental parameter values. An executable process step can utilize a build artifact, representing an electronic document that supports the software build process. The acquired data can then be synthesized into an immutable baseline build process and associated baseline artifact library. The baseline artifact library can store copies of the build artifacts. The immutable baseline build process can include baseline objects that represent data values and dependencies indicated in the software build process. In response to a user-specified command, an operation can be performed upon the baseline build process and associated baseline artifact library.

公开(公告)号：US20130191913A1

公开(公告)日：2013-07-25

申请号：US13563279

申请日：2012-07-31

申请人： YAIR AMIT ,  RONEN BACHAR ,  LOTEM GUY ,  IGAL KREICHMAN ,  RON NORDAN ,  ROI SALTZMAN ,  ORI SEGAL

发明人： YAIR AMIT ,  RONEN BACHAR ,  LOTEM GUY ,  IGAL KREICHMAN ,  RON NORDAN ,  ROI SALTZMAN ,  ORI SEGAL

IPC分类号： G06F21/00

CPC分类号： G06F21/552 ,  H04L63/166

摘要： Collecting log file data from at least one log file. From the collected log file data, at least one HTTP request can be generated to exercise a web application to perform a security analysis of the web application. The HTTP request can be communicated to the web application. At least one HTTP response to the HTTP request can be received. The HTTP response can be analyzed to perform validation of the web application. Results of the validation can be output.