Přístupnostní navigace
E-application
Search Search Close
Publication result detail
LAZAROV, W.; MARTINÁSEK, Z.
Original Title
Efficient Web Application Mapping During the Reconnaissance Phase of Penetration Testing
English Title
Type
Paper in proceedings (conference paper)
Original Abstract
This paper presents the ptwebdiscover, an advanced tool designed for web application mapping in the reconnaissance phase of penetration testing. Unlike most available tools, it operates using multiple threads, boasts modularity, and enhances testing capabilities. Notable features include the implementation of a brute force method for searching shorter file names and the ability to mark specific locations in tested URLs for string insertion. The paper provides comprehensive details about the tool's multi-threaded implementation, intelligent backup searches, and comparisons with other web application penetration testing tools. Furthermore, ptwebdiscover has been seamlessly integrated into the Penterep platform, providing a significant advantage during manual web application penetration testing.
English abstract
Keywords
Penterep; ptwebdiscover; penetration testing; OWASP; web application
Key words in English
Authors
RIV year
2024
Released
05.12.2023
Publisher
IEEE
Location
Ghent, Belgium
ISBN
979-8-3503-9328-6
Book
2023 15th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)
Pages from
146
Pages to
151
Pages count
6
URL
https://ieeexplore.ieee.org/document/10333274
BibTex
@inproceedings{BUT185696, author="Willi {Lazarov} and Zdeněk {Martinásek}", title="Efficient Web Application Mapping During the Reconnaissance Phase of Penetration Testing", booktitle="2023 15th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)", year="2023", pages="146--151", publisher="IEEE", address="Ghent, Belgium", doi="10.1109/ICUMT61075.2023.10333274", isbn="979-8-3503-9328-6", url="https://ieeexplore.ieee.org/document/10333274" }