Automatic Detection of Vulnerabilities in Web Applications using Fuzzing

Automatic detection of vulnerabilities is a problem studied in literature and a very important concern in application development with security requirements. Fuzzing is a software testing technique, automated or semi-automated, that involves injecting a massive quantity of semi-random inputs in software in order to find security vulnerabilities. Many vulnerability detection techniques need manual analysis from specialized people in order to confirm if there any vulnerabilities. To solve this problem, it was decided to develop a system that automatically detects vulnerabilities in web applications using fuzzing. Detecting vulnerabilities in web applications is different than detection in other types of software. This happens because web applications contain many back-end components, that causes specific vulnerabilities, therefore, it is convenient monitoring these components. This works presents a framework for fuzzing web applications. In this work, monitoring is made inside each web application component. The framework detects a representative set of web application vulnerabilities: SQL injection; remote and local file inclusion; reflected and stored cross-site scripting. Our SQL injection detection mechanism is able to detect even subtle attacks of this category presented recently. We present an experimental evaluation of the framework, using vulnerable code samples and open source