I am trying to learn about web application security. I have worked with tools that do static analysis, like RIPS and Pixy. I also did profiling of web applications using xdebug and kcachegrind.
Now I am trying to research more on dynamic analysis. I would like to identify workflow deviations from call graphs generated during profiling.
Is it possible to do such an analysis?
If so, can you suggest any references or tools that achieve this?
There are some projects/papers addressing this need:
The third item is an academic presentation from 2006, so it may be a little out of date, while the first resource seems the most mature DA testing tool I've seen. You might also look into the Monte Carlo Method as a way of throwing arbitrary input at a system to test its robustness, particularly if you deal with numerical or statistical data.
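One way to do the comparison the question asks about, as an added example that is not part of the original question or answer: it reads the callgrind-format text that Xdebug's profiler writes (the files kcachegrind opens), extracts caller-to-callee edges, and diffs one run against baseline runs of the same workflow. The sample profiles and the function names in them are constructed for illustration.

```python
import re

_NAME = re.compile(r"^\((\d+)\)\s*(.*)$")  # callgrind name compression: "(id) name" or "(id)"

def call_edges(profile_text):
    """Return the set of (caller, callee) edges in a callgrind-format profile."""
    names = {}  # compressed id -> function name (fn= and cfn= share one id space)

    def resolve(value):
        m = _NAME.match(value)
        if not m:
            return value                      # name written without compression
        ident, name = m.groups()
        if name:
            names[ident] = name               # first occurrence defines the id
        return names.get(ident, "?" + ident)  # id never defined: keep it visible

    edges, caller = set(), None
    for line in profile_text.splitlines():
        line = line.strip()
        if line.startswith("fn="):            # start of a function's cost block
            caller = resolve(line[3:])
        elif line.startswith("cfn=") and caller is not None:
            edges.add((caller, resolve(line[4:])))  # call made from that block
    return edges

def deviations(baseline_profiles, observed_profile):
    """Diff one run against baseline runs of the same workflow."""
    expected = set().union(*(call_edges(p) for p in baseline_profiles))
    seen = call_edges(observed_profile)
    return {"unexpected": seen - expected,    # calls never seen in a normal run
            "missing": expected - seen}       # steps a normal run always makes

# Constructed sample profiles (not from a real application).
DEFS = """events: Time
fl=(1) /app/lib.php
fn=(1) load_cart
3 40
fn=(2) validate_payment
7 120
fn=(3) place_order
9 200
fl=(2) /app/checkout.php
fn=(4) {main}
1 30
"""
CALL = "cfl=(1)\ncfn=({0})\ncalls=1 0 0\n{1} 10\n"
BASELINE = DEFS + "".join(CALL.format(i, i + 3) for i in (1, 2, 3))
OBSERVED = DEFS + "".join(CALL.format(i, i + 3) for i in (1, 3))  # skips step 2

if __name__ == "__main__":
    print(deviations([BASELINE], OBSERVED))
```

An edge in `missing` (here the call to `validate_payment`) is a step the baseline workflow always performs but this request did not, which is the kind of deviation worth reviewing.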