부산대학교 도서관

Web vulnerability detection technology is a very important approach to detect and ensure security in web application. However, there are limitation associated with the existing web application vulnerability detection methods in terms of variations in the detection capabilities. In this paper, a Script Code-based web application vulnerability detection platform named Dirmap is designed and implemented to address the aforementioned gap. The aim is to accurately and efficiently detect information leakage in existing web applications. The Dirmap (1) provides the web graphical management interface and data analysis display function based on the flash framework; (2) supports four detection patterns, including dictionary detection, pure explosion detection, crawler dynamic dictionary and fuzzy tag detection; (3) provides many functions of recursively scanning options, automatic detection of false leak pages, automatic processing of duplicate results, etc. The experimental results show that Dirmap can accurately and effectively detect information leakage vulnerabilities. Thus, promoting the overall security of web application systems. In addition, prevent hackers from using vulnerabilities to obtain unauthorized information.