Efficient Web Application Mapping During the Reconnaissance Phase of Penetration Testing
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F23%3APU149809" target="_blank" >RIV/00216305:26220/23:PU149809 - isvavai.cz</a>
Result on the web
<a href="https://ieeexplore.ieee.org/document/10333274" target="_blank" >https://ieeexplore.ieee.org/document/10333274</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1109/ICUMT61075.2023.10333274" target="_blank" >10.1109/ICUMT61075.2023.10333274</a>
Alternative languages
Result language
angličtina
Original language name
Efficient Web Application Mapping During the Reconnaissance Phase of Penetration Testing
Original language description
This paper presents the ptwebdiscover, an advanced tool designed for web application mapping in the reconnaissance phase of penetration testing. Unlike most available tools, it operates using multiple threads, boasts modularity, and enhances testing capabilities. Notable features include the implementation of a brute force method for searching shorter file names and the ability to mark specific locations in tested URLs for string insertion. The paper provides comprehensive details about the tool's multi-threaded implementation, intelligent backup searches, and comparisons with other web application penetration testing tools. Furthermore, ptwebdiscover has been seamlessly integrated into the Penterep platform, providing a significant advantage during manual web application penetration testing.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
—
OECD FORD branch
20203 - Telecommunications
Result continuities
Project
<a href="/en/project/VK01030019" target="_blank" >VK01030019: Interactive checklists for effective cybersecurity testing</a><br>
Continuities
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)
Others
Publication year
2023
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Article name in the collection
2023 15th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)
ISBN
979-8-3503-9328-6
ISSN
—
e-ISSN
—
Number of pages
6
Pages from-to
146-151
Publisher name
IEEE
Place of publication
Ghent, Belgium
Event location
Gent, Belgium
Event date
Oct 30, 2023
Type of event by nationality
WRD - Celosvětová akce
UT code for WoS article
—