User-session-based testing of web applications gathers user sessions to create and continually update test suites based on real user input in the field. To support this approach ...
Sara Sprenkle, Emily Gibson, Sreedevi Sampath, Lor...
1 The paper proposes a new test model, Call-For-Testing (CFT), and applies it to User Acceptance Testing (UAT) of Web Applications. Different from traditional approaches, UAT in th...
Lian Yu, Wei Zhao, Xiaofeng Di, Changzhu Kong, Wen...
Parameter tampering attacks are dangerous to a web application whose server fails to replicate the validation of user-supplied data that is performed by the client. Malicious user...
Taint analysis, a form of information-flow analysis, establishes whether values from untrusted methods and parameters may flow into security-sensitive operations. Taint analysis...
Omer Tripp, Marco Pistoia, Stephen J. Fink, Manu S...
Penetration testing is widely used to help ensure the security of web applications. It discovers vulnerabilities by simulating attacks from malicious users on a target application...
William G. J. Halfond, Shauvik Roy Choudhary, Ales...