The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Oct. 02, 2012
Filed:
Jan. 24, 2006
Bill Pennington, San Jose, CA (US);
Jeremiah Grossman, San Jose, CA (US);
Robert Stone, Mountain View, CA (US);
Siamak Pazirandeh, Santa Clara, CA (US);
Bill Pennington, San Jose, CA (US);
Jeremiah Grossman, San Jose, CA (US);
Robert Stone, Mountain View, CA (US);
Siamak Pazirandeh, Santa Clara, CA (US);
Whitehat Security, Inc., Santa Clara, CA (US);
Abstract
An improved method and apparatus for client-side web application analysis is provided. Client-side web application analysis involves determining and testing, using client-side application interfaces and the like, data input points and analyzing client requests and server responses. A security vulnerability analyzer can analyze web page content for client-side application files, such as Flash files and Java applets, extract web addresses and data parameters embedded in the client-side application file, and modify the data parameters according to user-defined test criteria. The modified data parameters are transmitted as part of a request to a respective web server used to service the client-side application files. The security vulnerability analyzer analyzes the response from the server to ascertain if there are any security vulnerabilities associated with the interface between the client-side application file and the web server.