web application scanning / reported web vulnerabilities / black-box tools / cross-site / black-box web scanners / web application vulnerability classes / web applications / remote services / active content technologies / black-box web vulnerability scanners / Web application security vulnerabilities / web application vulnerability / web application scanning methods / sample applications / Web Application Vulnerability Testing Jason Bau / technology category / technology page / web application vulnerability scanners / active technologies / Web System Number / open-source tools / web application firewalls / web scanners / website operator / web application / Web Application Scanner Functional Specification / web vulnerabilities / web vulnerability scanner market / web application vulnerability population / web application scanners / blackbox tools / automated blackbox web application vulnerability scanners / in-the-wild web application vulnerabilities / Web Application Security Project / established web applications / web application vulnerability remediation / source code analysis tools / reported web application vulnerability classes / web vulnerability categories / Web Application Security Consortium / web server / software packages / black box web-application testers / software architecture / content technologies / web application vulnerabilities / /
OperatingSystem
DoS / Linux / /
Organization
XCS XSS / Stanford University Stanford / VUPEN Security Vulnerability Notification Service / /
State of the Art: Automated Black-Box Web Application Vulnerability Testing Jason Bau, Elie Bursztein, Divij Gupta, John Mitchell Stanford University Stanford, CA {jbau, divijg}@stanford.edu, {elie, mitchell}@cs.stanford