ФАЗ ТЕСТИРАЊЕ ВЕБ АПЛИКАЦИЈА
Ključne reči:
фаз тестирање, тестирање, безбедност
Apstrakt
Тема рада јесте примjена фаз тестирања на веб апликацијама. У раду су анализирани алати за фаз тестирање, као и рањиве апликације са веба коришћене за потребе извођења фаз тестова, и демонстрације рада алата. Урађени су фаз тестови над овим апликацијама и анализирани су резултати тестирања.
Reference
[1] “What is Software Testing? Definition”, Thomas Hamilton https://www.guru99.com/software-testing-introduction-importance.html
[2] “Negative Testing” https://smartbear.com/learn/automated-testing/negative-testing/
[3] “What is Negative Testing? Test cases With Example” , Thomas Hamilton
[4] “DETEKCIJA SIGURNOSNIH PROPUSTA FAZ TESTIRANJEM”, Aleksandar Nikolić, Goran Sladić, Branko Milosavljević, Zora Konjović
https://infom.fon.bg.ac.rs/index.php/infom/article/view/1551/1523
[5] “Fuzz testing”, Synopsys https://www.synopsys.com/glossary/what-is-fuzz-testing.html
[6] “Fuzzing info – the art of unexpected input engineering” https://fuzzinginfo.wordpress.com/history/
[7] “Fuzz testing” https://fuchsia.dev/fuchsia-src/contribute/testing/fuzz_testing
[8] “Code intelligence, What Is Fuzz Testing?” https://www.code-intelligence.com/what-is-fuzz-testing#FuzzTestingDefinition
[9] “Fuzzing – what is it, and why bother?” https://cytal.co.uk/fuzzing-what-is-it-and-why-bother/)
[10] https://github.com/zaproxy/zaproxy
[11] “Everything you need to know about FFUF” https://codingo.io/tools/ffuf/bounty/2020/09/17/everything-you-need-to-know-about-ffuf.html
[12] “Web Security Testing with Burp Suite”, Dr. Sunny Wear https://www.pluralsight.com/paths/web-security-testing-with-burp-suite
[13] “What is Burp Suite?”
https://www.geeksforgeeks.org/what-is-burp-suite/
[14] https://github.com/webpwnized/mutillidae
[15] “bWapp” http://www.itsecgames.com
[16] https://github.com/digininja/DVWA
[17] https://github.com/danielmiessler/SecLists
[2] “Negative Testing” https://smartbear.com/learn/automated-testing/negative-testing/
[3] “What is Negative Testing? Test cases With Example” , Thomas Hamilton
[4] “DETEKCIJA SIGURNOSNIH PROPUSTA FAZ TESTIRANJEM”, Aleksandar Nikolić, Goran Sladić, Branko Milosavljević, Zora Konjović
https://infom.fon.bg.ac.rs/index.php/infom/article/view/1551/1523
[5] “Fuzz testing”, Synopsys https://www.synopsys.com/glossary/what-is-fuzz-testing.html
[6] “Fuzzing info – the art of unexpected input engineering” https://fuzzinginfo.wordpress.com/history/
[7] “Fuzz testing” https://fuchsia.dev/fuchsia-src/contribute/testing/fuzz_testing
[8] “Code intelligence, What Is Fuzz Testing?” https://www.code-intelligence.com/what-is-fuzz-testing#FuzzTestingDefinition
[9] “Fuzzing – what is it, and why bother?” https://cytal.co.uk/fuzzing-what-is-it-and-why-bother/)
[10] https://github.com/zaproxy/zaproxy
[11] “Everything you need to know about FFUF” https://codingo.io/tools/ffuf/bounty/2020/09/17/everything-you-need-to-know-about-ffuf.html
[12] “Web Security Testing with Burp Suite”, Dr. Sunny Wear https://www.pluralsight.com/paths/web-security-testing-with-burp-suite
[13] “What is Burp Suite?”
https://www.geeksforgeeks.org/what-is-burp-suite/
[14] https://github.com/webpwnized/mutillidae
[15] “bWapp” http://www.itsecgames.com
[16] https://github.com/digininja/DVWA
[17] https://github.com/danielmiessler/SecLists
Objavljeno
2023-01-08
Sekcija
Elektrotehničko i računarsko inženjerstvo
