• AMNESIA

  • Referenced in 11 articles [sw12039]
  • NEutralizing SQL-injection attacks. The use of web applications has become increasingly popular ... attacks that target them. In particular, SQL injection, a class of code-injection attacks ... most serious threats to web applications. In this paper we present and evaluate ... seven web applications. In the evaluation we targeted the subject applications with a large number...
  • WAPTEC

  • Referenced in 5 articles [sw21854]
  • exploit construction. Parameter tampering attacks are dangerous to a web application whose server fails...
  • ModSecurity

  • Referenced in 1 article [sw34029]
  • open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that ... protection from a range of attacks against web applications and allows for HTTP traffic monitoring...
  • TAJ

  • Referenced in 7 articles [sw33114]
  • Web-application code artifacts, and generate consumable reports for a wide range of attack vectors...
  • HMMPayl

  • Referenced in 1 article [sw17494]
  • detailed knowledge of the applications running on the Web server. The solutions proposed ... effective against the most frequent attacks toward Web applications (such as XSS and SQL-Injection...
  • SessionShield

  • Referenced in 2 articles [sw38008]
  • field of Web applications. One of the main attack vectors used in connection with...
  • CryptDB

  • Referenced in 16 articles [sw27061]
  • confidentiality in the face of these attacks for applications backed by SQL databases. It works ... reducing throughput by 14.5% for phpBB, a web forum application, and by 26% for queries...
  • Cujo

  • Referenced in 1 article [sw37812]
  • download attacks. The JavaScript language is a core component of active and dynamic web content ... web applications, however, JavaScript provides the basis for so-called drive-by downloads---attacks exploiting ... vulnerabilities in web browsers and their extensions for unnoticeably downloading malicious software...
  • PhoneyC

  • Referenced in 1 article [sw37387]
  • permit the deep study of client-side attacks. A complement to honeypots, a honeyclient ... client application, such as a web browser, and be exploited by an attacker’s content ... side attacks. PhoneyC is a virtual honeyclient, meaning it is not a real application...
  • Saner

  • Referenced in 9 articles [sw37817]
  • sanitization process. Thus, whenever a web application applies some sanitization routine to potentially malicious input ... procedures that can be bypassed by an attacker. We implemented our approach in a tool...
  • BotGraph

  • Referenced in 4 articles [sw21754]
  • large scale spamming botnet detection. Network security applications often require analyzing huge volumes of data ... type of botnet spamming attacks targeting major Web email providers. Bot-Graph uncovers the correlations ... volume, we implement BotGraph as a distributed application on a computer cluster, and explore...
  • FRADE

  • Referenced in 1 article [sw41631]
  • traffic is difficult to filter, since individual attack and legitimate service requests look identical ... evaluate them on three Web servers with different server applications and content. Our results show ... bots within seconds, and successfully filters out attack traffic. FRADE significantly raises...
  • HyperCrypt

  • Referenced in 1 article [sw37368]
  • boot attacks. HyperCrypt is fully transparent for the guest operating system and all applications running ... web sever. With the default configuration of 1024 cleartext pages, successful cold boot attacks...
  • RamCrypt

  • Referenced in 1 article [sw37369]
  • process basis without recompiling user-mode applications. In every enabled process, data is only stored ... disclosure attacks, which grant unauthorized access to process memory, as well as physical attacks such ... cold boot and DMA attacks. In its default configuration, RamCrypt exposes only ... same time. For the nginx web server serving encrypted HTTPS pages under heavy load...
  • Opa

  • Referenced in 1 article [sw22713]
  • source programming language for developing scalable web applications. It can be used for both client ... injections and cross-site scripting attacks.[4] The language was first officially presented...
  • PixelVault

  • Referenced in 1 article [sw37377]
  • crucial for containing the impact of attacks. The Heartbleed vulnerability of April 2014, which allowed ... remote leakage of secret keys from HTTPS web servers, is an indicative example. In this ... library that allows the protection of existing applications with minimal modifications. Based on the results...
  • ConScript

  • Referenced in 1 article [sw38007]
  • comes from the ability of a Web page to combine content and JavaScript code from ... effectively opens the hosting site up for attacks and poor programming practices within every JavaScript ... hosting page to express fine-grained application-specific security policies that are enforced at runtime...
  • Coq

  • Referenced in 1890 articles [sw00161]
  • Coq is a formal proof management system. It...
  • gmp

  • Referenced in 282 articles [sw00363]
  • GMP is a free library for arbitrary precision...
  • Macaulay2

  • Referenced in 1923 articles [sw00537]
  • Macaulay2 is a software system devoted to supporting...