with Tags:
xss
X
X
Mapping Entrypoint URLs To AppScan Source Findings
Findings / Entrypoint Viewer with URL Mapping Tool Following up on my previous, high-level overview of the Web Application Framework Language (WAFL) and how it is incorporated into an AppScan Source Analysis, I want to demonstrate a tool which uncovers one of the hidden gens contained in the .wafl file...the application Entrypoints. Below are screenshots of using this tool with Altoro2, a sample application used for demonstration of both AppScan Blackbox and Whitebox technologies. I'll continue to use this application as a sample in my... [More]
Tags: java customization integration cross_site_scripting asp.net sql_injection secure_by_design url xss correlation ibm url_mapping o2platform web_application_framework... wafl asp.net_mvc trace_stitching |
WAFL - The AppScan Web Application Framework Language
AppScan Source has a [not-so] secret weapon in the Battle for Visibility: WAFL The Web Application Framework Language (WAFL) was designed as a Framework for Frameworks (F4F) by the Ounce Analysis Engine Team to model the effects that modern frameworks have on the data flowing through an application. Although this technology is mainly utilized behind the scenes to provide support for specific Java Frameworks, such as Spring MVC and Struts, as well as generic .NET framework validation and data binding - the information captured in the .wafl... [More]
Tags: xss ibm url_mapping web_application_framework... cross_site_scripting integration o2platform java correlation sql_injection url customization asp.net_mvc wafl trace_stitching secure_by_design asp.net |
