{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T10:53:28Z","timestamp":1776077608115,"version":"3.50.1"},"reference-count":92,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2024,4,12]],"date-time":"2024-04-12T00:00:00Z","timestamp":1712880000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2024,4,12]],"date-time":"2024-04-12T00:00:00Z","timestamp":1712880000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/100007195","name":"Universit\u00e0 degli Studi di Napoli Federico II","doi-asserted-by":"crossref","id":[{"id":"10.13039\/100007195","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Comput Virol Hack Tech"],"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Web applications play a crucial role in modern businesses, offering various services and often exposing sensitive data that can be enticing to attackers. As a result, there is a growing interest in finding innovative approaches for discovering vulnerabilities in web applications. In the evolving landscape of web security, the realm of fuzz testing has garnered substantial attention for its effectiveness in identifying vulnerabilities. However, existing literature has often underemphasized the nuances of web-centric fuzzing methodologies. This article presents a comprehensive exploration of fuzzing techniques specifically tailored to web applications, addressing the gap in the current research. Our work presents a holistic perspective on web-centric fuzzing, introduces a modular architecture that improves fuzzing effectiveness, demonstrates the reusability of certain fuzzing steps, and offers an open-source software package for the broader security community. By addressing these key contributions, we aim to facilitate advancements in web application security, empower researchers to explore new fuzzing techniques, and ultimately enhance the overall cybersecurity landscape.<\/jats:p>","DOI":"10.1007\/s11416-024-00518-0","type":"journal-article","created":{"date-parts":[[2024,4,12]],"date-time":"2024-04-12T18:02:36Z","timestamp":1712944956000},"page":"641-667","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Sniping at web applications to discover input-handling vulnerabilities"],"prefix":"10.1007","volume":"20","author":[{"given":"Ciro","family":"Brandi","sequence":"first","affiliation":[]},{"given":"Gaetano","family":"Perrone","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5876-0382","authenticated-orcid":false,"given":"Simon Pietro","family":"Romano","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,4,12]]},"reference":[{"key":"518_CR1","doi-asserted-by":"crossref","unstructured":"Singh, N., Meherhomji, V., Chandavarkar, B.: Automated versus manual approach of web application penetration testing. In: 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). IEEE, pp. 1\u20136 (2020)","DOI":"10.1109\/ICCCNT49239.2020.9225385"},{"key":"518_CR2","first-page":"6775","volume":"34","author":"M Aydos","year":"2021","unstructured":"Aydos, M., Aldan, \u00c7., Co\u015fkun, E., Soydan, A.: Security testing of web applications: a systematic mapping of the literature. J. King Saud Univ. Comput. Inf. Sci. 34, 6775\u20136792 (2021)","journal-title":"J. King Saud Univ. Comput. Inf. Sci."},{"key":"518_CR3","unstructured":"The owasp testing guide (2022). [Online]. Available: https:\/\/owasp.org\/www-project-web-security-testing-guide\/. Accessed 01 Feb 2021"},{"key":"518_CR4","unstructured":"Path traversal. https:\/\/owasp.org\/www-community\/attacks\/Path_Traversal. Accessed 12 Feb 2022"},{"key":"518_CR5","unstructured":"Kowalski, R.: Predicate logic as programming language. In: IFIP Congress, vol. 74, pp. 569\u2013544 (1974)"},{"issue":"1","key":"518_CR6","doi-asserted-by":"publisher","first-page":"14","DOI":"10.2307\/2268661","volume":"16","author":"A Horn","year":"1951","unstructured":"Horn, A.: On sentences which are true of direct unions of algebras. J. Symbol. Log. 16(1), 14\u201321 (1951)","journal-title":"J. Symbol. Log."},{"issue":"3\u20134","key":"518_CR7","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1016\/0004-3702(71)90012-9","volume":"2","author":"R Kowalski","year":"1971","unstructured":"Kowalski, R., Kuehner, D.: Linear resolution with selection function. Artif. Intell. 2(3\u20134), 227\u2013260 (1971)","journal-title":"Artif. Intell."},{"key":"518_CR8","doi-asserted-by":"crossref","unstructured":"Apt, K.R.: Logic programming. In: Handbook of Theoretical Computer Science, Volume B: Formal Models and Sematics (B), vol. 1990, pp. 493\u2013574 (1990)","DOI":"10.1016\/B978-0-444-88074-1.50015-9"},{"key":"518_CR9","doi-asserted-by":"crossref","unstructured":"Kok, J.N.: Specialization in logic programming: from horn clause logic to prolog and concurrent prolog. In: Workshop\/School\/Symposium of the REX Project (Research and Education in Concurrent Systems). Springer, pp. 401\u2013413 (1989)","DOI":"10.1007\/3-540-52559-9_73"},{"key":"518_CR10","unstructured":"A concise introduction to prolog. https:\/\/www.cis.upenn.edu\/matuszek\/Concise. Accessed 03 Mar 2021"},{"issue":"4","key":"518_CR11","doi-asserted-by":"publisher","first-page":"542","DOI":"10.1145\/383779.383785","volume":"2","author":"L Carlucci Aiello","year":"2001","unstructured":"Carlucci Aiello, L., Massacci, F.: Verifying security protocols as planning in logic programming. ACM Trans. Comput. Log. 2(4), 542\u2013580 (2001)","journal-title":"ACM Trans. Comput. Log."},{"key":"518_CR12","doi-asserted-by":"crossref","unstructured":"Alberti, M., Chesani, F., Gavanelli, M., Lamma, E., Mello, P., Torroni, P.: Security protocols verification in abductive logic programming: a case study. In: International Workshop on Engineering Societies in the Agents World. Springer, pp. 106\u2013124 (2005)","DOI":"10.1007\/11759683_7"},{"key":"518_CR13","doi-asserted-by":"crossref","unstructured":"Barker, S.: Data protection by logic programming. In: International Conference on Computational Logic. Springer, pp. 1300\u20131314 (2000)","DOI":"10.1007\/3-540-44957-4_87"},{"key":"518_CR14","doi-asserted-by":"crossref","unstructured":"Zech, P., Felderer, M., Breu, R.: Security risk analysis by logic programming. In: International Workshop on Risk Assessment and Risk-Driven Testing. Springer, pp. 38\u201348 (2013)","DOI":"10.1007\/978-3-319-14114-5_3"},{"issue":"2","key":"518_CR15","doi-asserted-by":"publisher","first-page":"201","DOI":"10.1109\/92.386221","volume":"3","author":"R Vemuri","year":"1995","unstructured":"Vemuri, R., Kalyanaraman, R.: Generation of design verification tests from behavioral VHDL programs using path enumeration and constraint programming. IEEE Trans. Very Large Scale Integr. Syst. 3(2), 201\u2013214 (1995)","journal-title":"IEEE Trans. Very Large Scale Integr. Syst."},{"issue":"2","key":"518_CR16","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1109\/52.73749","volume":"8","author":"R Denney","year":"1991","unstructured":"Denney, R.: Test-case generation from prolog-based specifications. IEEE Softw. 8(2), 49\u201357 (1991)","journal-title":"IEEE Softw."},{"issue":"4\u20136","key":"518_CR17","doi-asserted-by":"publisher","first-page":"659","DOI":"10.1017\/S1471068410000347","volume":"10","author":"M G\u00f3mez-Zamalloa","year":"2010","unstructured":"G\u00f3mez-Zamalloa, M., Albert, E., Puebla, G.: Test case generation for object-oriented imperative languages in CLP. Theory Pract. Logic Program. 10(4\u20136), 659\u2013674 (2010)","journal-title":"Theory Pract. Logic Program."},{"issue":"2","key":"518_CR18","doi-asserted-by":"publisher","first-page":"221","DOI":"10.1007\/s10009-017-0472-3","volume":"21","author":"P Zech","year":"2019","unstructured":"Zech, P., Felderer, M., Breu, R.: Knowledge-based security testing of web applications by logic programming. Int. J. Softw. Tools Technol. Transf. 21(2), 221\u2013246 (2019)","journal-title":"Int. J. Softw. Tools Technol. Transf."},{"issue":"3","key":"518_CR19","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1109\/MS.2020.3016773","volume":"38","author":"M Boehme","year":"2021","unstructured":"Boehme, M., Cadar, C., Roychoudhury, A.: Fuzzing: challenges and reflections. IEEE Softw. 38(3), 79\u201386 (2021)","journal-title":"IEEE Softw."},{"key":"518_CR20","unstructured":"McNally, R., Yiu, K., Grove, D., Gerhardy, D.: Fuzzing: the state of the art. Defence Science and Technology Organisation Edinburgh (Australia), Technical report (2012)"},{"key":"518_CR21","unstructured":"Pham, V.-T., Bohme, M., Santosa, A., Caciulescu, A., Roychoudhury, A.: Smart greybox fuzzing. IEEE Trans. Softw. Eng. 47(9), 1980\u20131997 (2021)"},{"key":"518_CR22","doi-asserted-by":"publisher","first-page":"2312","DOI":"10.1109\/TSE.2019.2946563","volume":"47","author":"VJM Man\u00e8s","year":"2019","unstructured":"Man\u00e8s, V.J.M., Han, H., Han, C., Cha, S.K., Egele, M., Schwartz, E.J., Woo, M.: The art, science, and engineering of fuzzing: a survey. IEEE Trans. Softw. Eng. 47, 2312\u20132331 (2019)","journal-title":"IEEE Trans. Softw. Eng."},{"issue":"3","key":"518_CR23","doi-asserted-by":"publisher","first-page":"313","DOI":"10.1177\/0256090915599709","volume":"40","author":"S Sinha","year":"2015","unstructured":"Sinha, S.: The exploration-exploitation dilemma: a review in the context of managing growth of new ventures. Vikalpa 40(3), 313\u2013323 (2015)","journal-title":"Vikalpa"},{"key":"518_CR24","doi-asserted-by":"crossref","unstructured":"Woo, M., Cha, S. K., Gottlieb, S., Brumley, D.: Scheduling black-box mutational fuzzing. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 511\u2013522 (2013)","DOI":"10.1145\/2508859.2516736"},{"key":"518_CR25","unstructured":"Berry, D.A., Fristedt, B.: Bandit Problems: Sequential Allocation of Experiments. In: Monographs on Statistics and Applied Probability. Chapman and Hall, London, vol. 5, no. 71-87, pp. 7\u20137 (1985)"},{"key":"518_CR26","doi-asserted-by":"crossref","unstructured":"Householder, A.D., Foote, J.M.: Probability-based parameter selection for black-box fuzz testing. Carnegie-Mellon Univ Pittsburgh PA Software Engineering Inst, Technical report (2012)","DOI":"10.21236\/ADA610472"},{"issue":"5","key":"518_CR27","doi-asserted-by":"publisher","first-page":"507","DOI":"10.1109\/TSE.2014.2372785","volume":"41","author":"ET Barr","year":"2015","unstructured":"Barr, E.T., Harman, M., McMinn, P., Shahbaz, M., Yoo, S.: The oracle problem in software testing: a survey. IEEE Trans. Softw. Eng. 41(5), 507\u2013525 (2015)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"518_CR28","doi-asserted-by":"crossref","unstructured":"Duchene, F., Rawat, S., Richier, J.-L., Groz, R.: Kameleonfuzz: evolutionary fuzzing for black-box xss detection. In: Proceedings of the 4th ACM Conference on Data and Application Security and Privacy, pp. 37\u201348 (2014)","DOI":"10.1145\/2557547.2557550"},{"key":"518_CR29","doi-asserted-by":"crossref","unstructured":"Appelt, D., Nguyen, C. D., Briand, L. C., Alshahwan, N.: Automated testing for SQL injection vulnerabilities: an input mutation approach. In: Proceedings of the 2014 International Symposium on Software Testing and Analysis, pp. 259\u2013269 (2014)","DOI":"10.1145\/2610384.2610403"},{"key":"518_CR30","doi-asserted-by":"crossref","unstructured":"Khalid, M.N., Farooq, H., Iqbal, M., Alam, M. T., Rasheed, K.: Predicting web vulnerabilities in web applications based on machine learning. In: International Conference on Intelligent Technologies and Applications. Springer, pp. 473\u2013484 (2018)","DOI":"10.1007\/978-981-13-6052-7_41"},{"key":"518_CR31","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.103015","volume":"124","author":"Z Liu","year":"2023","unstructured":"Liu, Z., Fang, Y., Huang, C., Xu, Y.: Mfxss: an effective xss vulnerability detection method in JavaScript based on multi-feature model. Comput. Secur. 124, 103015 (2023)","journal-title":"Comput. Secur."},{"issue":"4","key":"518_CR32","doi-asserted-by":"publisher","first-page":"2482","DOI":"10.3390\/app13042482","volume":"13","author":"X Song","year":"2023","unstructured":"Song, X., Zhang, R., Dong, Q., Cui, B.: Grey-box fuzzing based on reinforcement learning for xss vulnerabilities. Appl. Sci. 13(4), 2482 (2023)","journal-title":"Appl. Sci."},{"issue":"5","key":"518_CR33","doi-asserted-by":"publisher","first-page":"1229","DOI":"10.3390\/electronics12051229","volume":"12","author":"EA Altulaihan","year":"2023","unstructured":"Altulaihan, E.A., Alismail, A., Frikha, M.: A survey on web application penetration testing. Electronics 12(5), 1229 (2023)","journal-title":"Electronics"},{"key":"518_CR34","doi-asserted-by":"crossref","unstructured":"Walden, J., Stuckman, J., Scandariato, R.: Predicting vulnerable components: software metrics vs text mining. In: 2014 IEEE 25th International Symposium on Software Reliability Engineering, pp. 23\u201333 (2014)","DOI":"10.1109\/ISSRE.2014.32"},{"key":"518_CR35","doi-asserted-by":"crossref","unstructured":"Li, L., Dong, Q., Liu, D., Zhu, L.: The application of fuzzing in web software security vulnerabilities test. In: 2013 International Conference on Information Technology and Applications. IEEE, pp. 130\u2013133 (2013)","DOI":"10.1109\/ITA.2013.36"},{"key":"518_CR36","unstructured":"Mitmproxy is a free and open source interactive https proxy. https:\/\/mitmproxy.org\/. Accessed 12 Feb 2022"},{"key":"518_CR37","unstructured":"What is a transparent proxy: client vs. server side use cases: Imperva (2020). https:\/\/www.imperva.com\/learn\/ddos\/transparent-proxy\/. Accessed 10 Jan 2022"},{"key":"518_CR38","volume-title":"Computer Logic, Testing and Verification. By Paul Roth","author":"J Armstrong","year":"1983","unstructured":"Armstrong, J.: Computer Logic, Testing and Verification. By Paul Roth, vol. 90. Taylor & Francis, London (1983)"},{"key":"518_CR39","unstructured":"Sectooladdict, Sectooladdict\/wavsep: the web application vulnerability scanner evaluation project. https:\/\/github.com\/sectooladdict\/wavsep. Accessed 01 June 2021"},{"key":"518_CR40","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102204","volume":"103","author":"F Caturano","year":"2021","unstructured":"Caturano, F., Perrone, G., Romano, S.: Discovering reflected cross-site scripting vulnerabilities using a multiobjective reinforcement learning environment\u2019\u2019. Comput. Secur. 103, 102204 (2021)","journal-title":"Comput. Secur."},{"key":"518_CR41","doi-asserted-by":"crossref","unstructured":"Lv, C., Zhang, L., Zeng, F., Zhang, J.: Adaptive random testing for xss vulnerability. In: Proceedings\u2014Asia-Pacific Software Engineering Conference, APSEC, vol. 2019\u2013December, pp. 63\u201369 (2019)","DOI":"10.1109\/APSEC48747.2019.00018"},{"key":"518_CR42","unstructured":"Bennetts, S.: Owasp zed attack proxy (2013). https:\/\/owasp.org\/www-project-zap\/. Accessed 01 Mar 2021"},{"key":"518_CR43","unstructured":"Chen, S.: Wavsep 2017\/2018\u2014evaluating dast against pt\/sdl challenges (1970). http:\/\/sectooladdict.blogspot.com\/2017\/11\/wavsep-2017-evaluating-dast-against.html. Accessed 03 Mar 2021"},{"key":"518_CR44","unstructured":"OWASP, Xss filter evasion cheat sheet (2008). https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/XSS_Filter_Evasion_Cheat_Sheet.html. Online. Accessed 4 Sep 2023"},{"key":"518_CR45","unstructured":"Swigger, P.: SQL injection bypassing common filters (2023). https:\/\/portswigger.net\/support\/sql-injection-bypassing-common-filters. Online. Accessed 4 Sep 2023"},{"key":"518_CR46","unstructured":"Google, Advanced obfuscation path traversal (2023). https:\/\/code.google.com\/archive\/p\/teenage-mutant-ninja-turtles\/wikis\/AdvancedObfuscationPathtraversal.wiki. Online. Accessed 4 Sep2023"},{"key":"518_CR47","doi-asserted-by":"publisher","unstructured":"Caturano, F., Perrone, G., Romano, S. P.: Hacking goals: a goal-centric attack classification framework. In: Testing Software and Systems: 32nd IFIP WG 6.1 International Conference, ICTSS 2020, Naples, Italy, December 9\u201311, 2020, Proceedings. Springer, Berlin, pp. 296-301 (2020). [Online]. https:\/\/doi.org\/10.1007\/978-3-030-64881-7_19","DOI":"10.1007\/978-3-030-64881-7_19"},{"key":"518_CR48","doi-asserted-by":"publisher","first-page":"248","DOI":"10.1016\/j.comcom.2022.08.018","volume":"195","author":"N Auricchio","year":"2022","unstructured":"Auricchio, N., Cappuccio, A., Caturano, F., Perrone, G., Romano, S.P.: An automated approach to web offensive security. Comput. Commun. 195, 248\u2013261 (2022)","journal-title":"Comput. Commun."},{"key":"518_CR49","doi-asserted-by":"publisher","DOI":"10.1145\/3474553","author":"B Zhang","year":"2021","unstructured":"Zhang, B., Li, J., Ren, J., Huang, G.: Efficiency and effectiveness of web application vulnerability detection approaches: a review. ACM Comput. Surv. (2021). https:\/\/doi.org\/10.1145\/3474553","journal-title":"ACM Comput. Surv."},{"key":"518_CR50","doi-asserted-by":"publisher","first-page":"766","DOI":"10.1016\/j.jss.2017.02.040","volume":"137","author":"J Thom\u00e9","year":"2018","unstructured":"Thom\u00e9, J., Shar, L.K., Bianculli, D., Briand, L.: Security slicing for auditing common injection vulnerabilities. J. Syst. Softw. 137, 766\u2013783 (2018). https:\/\/doi.org\/10.1016\/j.jss.2017.02.040","journal-title":"J. Syst. Softw."},{"issue":"1","key":"518_CR51","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1109\/tr.2015.2457411","volume":"65","author":"I Medeiros","year":"2016","unstructured":"Medeiros, I., Neves, N., Correia, M.: Detecting and removing web application vulnerabilities with static analysis and data mining. IEEE Trans. Reliab. 65(1), 54\u201369 (2016). https:\/\/doi.org\/10.1109\/tr.2015.2457411","journal-title":"IEEE Trans. Reliab."},{"key":"518_CR52","doi-asserted-by":"publisher","unstructured":"Yan, X., Ma, H., Wang, Q.: A static backward taint data analysis method for detecting web application vulnerabilities. In: 2017 IEEE 9th International Conference on Communication Software and Networks (ICCSN). IEEE (may 2017) [Online]. https:\/\/doi.org\/10.1109\/iccsn.2017.8230288","DOI":"10.1109\/iccsn.2017.8230288"},{"key":"518_CR53","doi-asserted-by":"publisher","DOI":"10.14569\/ijacsa.2017.081254","author":"M Noman","year":"2017","unstructured":"Noman, M., Iqbal, M., Talha, M., Jain, V., Mirza, H., Rasheed, K.: Web unique method (WUM): an open source blackbox scanner for detecting web vulnerabilities. IJACSA (2017). https:\/\/doi.org\/10.14569\/ijacsa.2017.081254","journal-title":"IJACSA"},{"key":"518_CR54","doi-asserted-by":"publisher","first-page":"160","DOI":"10.1007\/978-3-319-23276-8_14","volume-title":"Global Security, Safety and Sustainability: Tomorrow\u2019s Challenges of Cyber Security","author":"NF Awang","year":"2015","unstructured":"Awang, N.F., Manaf, A.A.: Automated security testing framework for detecting SQL injection vulnerability in web application. In: Jahankhani, H., Carlile, A., Akhgar, B., Taal, A., Hessami, A.G., Hosseinian-Far, A. (eds.) Global Security, Safety and Sustainability: Tomorrow\u2019s Challenges of Cyber Security, pp. 160\u2013171. Springer, Cham (2015)"},{"key":"518_CR55","doi-asserted-by":"publisher","unstructured":"Ciampa, A., Visaggio, C. A., Penta, M. D.: A heuristic-based approach for detecting SQL-injection vulnerabilities in web applications. In: Proceedings of the 2010 ICSE Workshop on Software Engineering for Secure Systems. ACM (may 2010) [Online]. https:\/\/doi.org\/10.1145\/1809100.1809107","DOI":"10.1145\/1809100.1809107"},{"key":"518_CR56","doi-asserted-by":"crossref","unstructured":"Gupta, M.K., Govil, M. C., Singh, G., Sharma, P.: Xssdm: towards detection and mitigation of cross-site scripting vulnerabilities in web applications. In: 2015 International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp. 2010\u20132015 (2015)","DOI":"10.1109\/ICACCI.2015.7275912"},{"key":"518_CR57","doi-asserted-by":"publisher","unstructured":"Akrout, R., Alata, E., Kaaniche, M., Nicomette, V.: An automated black box approach for web vulnerability identification and attack scenario generation. J. Braz. Comput. Soc. 20(1), 4 (2014). https:\/\/doi.org\/10.1186\/1678-4804-20-4","DOI":"10.1186\/1678-4804-20-4"},{"key":"518_CR58","doi-asserted-by":"publisher","unstructured":"Medeiros, I., Neves, N., Correia, M.: Dekant: a static analysis tool that learns to detect web application vulnerabilities. In: Proceedings of the 25th International Symposium on Software Testing and Analysis, ser. ISSTA 2016. New York, NY, USA: Association for Computing Machinery (2016), pp. 1\u201311. [Online]. https:\/\/doi.org\/10.1145\/2931037.2931041","DOI":"10.1145\/2931037.2931041"},{"key":"518_CR59","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/978-3-642-34210-3_3","volume-title":"Secure IT Systems","author":"T Jensen","year":"2012","unstructured":"Jensen, T., Pedersen, H., Olesen, M.C., Hansen, R.R.: Thaps: automated vulnerability scanning of php applications. In: J\u00f8sang, A., Carlsson, B. (eds.) Secure IT Systems, pp. 31\u201346. Springer, Berlin (2012)"},{"key":"518_CR60","doi-asserted-by":"publisher","unstructured":"Wassermann, G., Su, Z.: Static detection of cross-site scripting vulnerabilities. In: Proceedings of the 13th International Conference on Software Engineering\u2014ICSE \u201908. ACM Press (2008) [Online]. https:\/\/doi.org\/10.1145\/1368088.1368112","DOI":"10.1145\/1368088.1368112"},{"issue":"6","key":"518_CR61","doi-asserted-by":"publisher","first-page":"688","DOI":"10.1109\/tdsc.2014.2373377","volume":"12","author":"LK Shar","year":"2015","unstructured":"Shar, L.K., Briand, L.C., Tan, H.B.K.: Web application vulnerability prediction using hybrid program analysis and machine learning. Trans. Dependable Secure Comput. 12(6), 688\u2013707 (2015). https:\/\/doi.org\/10.1109\/tdsc.2014.2373377","journal-title":"Trans. Dependable Secure Comput."},{"issue":"3","key":"518_CR62","doi-asserted-by":"publisher","first-page":"897","DOI":"10.1007\/s13369-015-1891-7","volume":"41","author":"S Gupta","year":"2015","unstructured":"Gupta, S., Gupta, B.B.: XSS-SAFE: a server-side approach to detect and mitigate cross-site scripting (XSS) attacks in JavaScript code. Arab. J. Sci. Eng. 41(3), 897\u2013920 (2015). https:\/\/doi.org\/10.1007\/s13369-015-1891-7","journal-title":"Arab. J. Sci. Eng."},{"key":"518_CR63","doi-asserted-by":"crossref","unstructured":"Shar, L.K., Tan, H.B.K.: Auditing the defense against cross site scripting in web applications. In: Proceedings of the International Conference on Security and Cryptography\u2014Volume 1: SECRYPT, (ICETE 2010), INSTICC. SciTePress, pp. 505\u2013511 (2010)","DOI":"10.5220\/0002963905050511"},{"key":"518_CR64","doi-asserted-by":"publisher","DOI":"10.1145\/1698750.1698754","author":"P Bisht","year":"2010","unstructured":"Bisht, P., Madhusudan, P., Venkatakrishnan, V.N.: Candid: dynamic candidate evaluations for automatic prevention of SQL injection attacks. ACM Trans. Inf. Syst. Secur. (2010). https:\/\/doi.org\/10.1145\/1698750.1698754","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"518_CR65","unstructured":"Martin, M., Lam, M.S.: Automatic generation of XSS and SQL injection attacks with goal-directed model checking. In: Proceedings of the 17th Conference on Security Symposium, ser. SS\u201908. USA: USENIX Association, pp. 31\u201343 (2008)"},{"key":"518_CR66","doi-asserted-by":"publisher","first-page":"104","DOI":"10.1016\/j.cose.2014.04.007","volume":"44","author":"Y-S Jang","year":"2014","unstructured":"Jang, Y.-S., Choi, J.-Y.: Detecting SQL injection attacks using query result size. Comput. Secur. 44, 104\u2013118 (2014)","journal-title":"Comput. Secur."},{"key":"518_CR67","doi-asserted-by":"crossref","unstructured":"Lei, L., Jing, X., Minglei, L., Jufeng, Y.: A dynamic SQL injection vulnerability test case generation model based on the multiple phases detection approach. In: 2013 IEEE 37th Annual Computer Software and Applications Conference, pp. 256\u2013261 (2013)","DOI":"10.1109\/COMPSAC.2013.42"},{"key":"518_CR68","doi-asserted-by":"crossref","unstructured":"Liu, L., Xu, J., Guo, C., Kang, J., Xu, S., Zhang, B.: Exposing SQL injection vulnerability through penetration test based on finite state machine. In: 2016 2nd IEEE International Conference on Computer and Communications (ICCC), pp. 1171\u20131175 (2016)","DOI":"10.1109\/CompComm.2016.7924889"},{"key":"518_CR69","doi-asserted-by":"publisher","unstructured":"Liu, L., Xu, J., Yang, H., Guo, C., Kang, J., Xu, S., Zhang, B., Si, G.: An effective penetration test approach based on feature matrix for exposing SQL injection vulnerability. In: 2016 IEEE 40th Annual Computer Software and Applications Conference (COMPSAC). IEEE, [Online] (2016). https:\/\/doi.org\/10.1109\/compsac.2016.55","DOI":"10.1109\/compsac.2016.55"},{"key":"518_CR70","doi-asserted-by":"publisher","unstructured":"Ruse, M.E., Basu, S.: Detecting cross-site scripting vulnerability using concolic testing. In: 2013 10th International Conference on Information Technology: New Generations. IEEE [Online] (2013). https:\/\/doi.org\/10.1109\/itng.2013.97","DOI":"10.1109\/itng.2013.97"},{"issue":"1","key":"518_CR71","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1016\/j.mcm.2011.01.050","volume":"55","author":"I Lee","year":"2012","unstructured":"Lee, I., Jeong, S., Yeo, S., Moon, J.: A novel method for SQL injection attack detection based on removing SQL query attribute values. Math. Comput. Model. 55(1), 58\u201368 (2012)","journal-title":"Math. Comput. Model."},{"key":"518_CR72","doi-asserted-by":"crossref","unstructured":"Vithanage, N.M., Jeyamohan, N.: Webguardia: an integrated penetration testing system to detect web application vulnerabilities. In: 2016 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET), pp. 221\u2013227 (2016)","DOI":"10.1109\/WiSPNET.2016.7566124"},{"key":"518_CR73","doi-asserted-by":"publisher","unstructured":"Avancini, A., Ceccato, M.: Comparison and integration of genetic algorithms and dynamic symbolic execution for security testing of cross-site scripting vulnerabilities. Inf. Softw. Technol. 55(12), 2209\u20132222 (2013). https:\/\/doi.org\/10.1016\/j.infsof.2013.08.001","DOI":"10.1016\/j.infsof.2013.08.001"},{"key":"518_CR74","doi-asserted-by":"crossref","unstructured":"Shar, L.K., Beng Kuan\u00a0Tan, H., Briand, L.C.: Mining SQL injection and cross site scripting vulnerabilities using hybrid program analysis. In: 013 35th International Conference on Software Engineering (ICSE), pp. 642\u2013651 (2013)","DOI":"10.1109\/ICSE.2013.6606610"},{"key":"518_CR75","doi-asserted-by":"publisher","unstructured":"Djuric, Z.: A black-box testing tool for detecting SQL injection vulnerabilities. In: 2013 Second International Conference on Informatics and Applications (ICIA). IEEE, [Online] (2013). https:\/\/doi.org\/10.1109\/icoia.2013.6650259","DOI":"10.1109\/icoia.2013.6650259"},{"key":"518_CR76","doi-asserted-by":"crossref","unstructured":"Kumar\u00a0Singh, A., Roy, S.: A network based vulnerability scanner for detecting SQLI attacks in web applications. In: 2012 1st International Conference on Recent Advances in Information Technology (RAIT), pp. 585\u2013590 (2012)","DOI":"10.1109\/RAIT.2012.6194594"},{"key":"518_CR77","doi-asserted-by":"crossref","unstructured":"Wu, H., Gao, G., Miao, C.: Test SQL injection vulnerabilities in web applications based on structure matching. In: Proceedings of 2011 International Conference on Computer Science and Network Technology, vol. 2, pp. 935\u2013938 (2011)","DOI":"10.1109\/ICCSNT.2011.6182115"},{"issue":"11","key":"518_CR78","doi-asserted-by":"publisher","first-page":"2263","DOI":"10.1016\/j.jss.2010.07.007","volume":"83","author":"N Li","year":"2010","unstructured":"Li, N., Xie, T., Jin, M., Liu, C.: Perturbation-based user-input-validation testing of web applications. J. Syst. Softw. 83(11), 2263\u20132274 (2010). https:\/\/doi.org\/10.1016\/j.jss.2010.07.007","journal-title":"J. Syst. Softw."},{"key":"518_CR79","doi-asserted-by":"publisher","unstructured":"Chen, J.-M., Wu, C.-L.: An automated vulnerability scanner for injection attack based on injection point. In: 2010 International Computer Symposium (ICS2010). IEEE, [Online] (2010). https:\/\/doi.org\/10.1109\/compsym.2010.5685537","DOI":"10.1109\/compsym.2010.5685537"},{"key":"518_CR80","doi-asserted-by":"publisher","unstructured":"Balzarotti, D., Cova, M., Felmetsger, V., Jovanovic, N., Kirda, E., Kruegel, C., Vigna, G.: Saner: composing static and dynamic analysis to validate sanitization in web applications. In: 2008 IEEE Symposium on Security and Privacy (sp 2008). IEEE [Online] (2008). https:\/\/doi.org\/10.1109\/sp.2008.22","DOI":"10.1109\/sp.2008.22"},{"key":"518_CR81","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1016\/j.sysarc.2015.11.001","volume":"64","author":"MA Ahmed","year":"2016","unstructured":"Ahmed, M.A., Ali, F.: Multiple-path testing for cross site scripting using genetic algorithms. J. Syst. Archit. 64, 50\u201362 (2016). https:\/\/doi.org\/10.1016\/j.sysarc.2015.11.001","journal-title":"J. Syst. Archit."},{"issue":"2","key":"518_CR82","doi-asserted-by":"publisher","first-page":"163","DOI":"10.1109\/tse.2018.2844343","volume":"46","author":"J Thome","year":"2020","unstructured":"Thome, J., Shar, L.K., Bianculli, D., Briand, L.: An integrated approach for effective injection vulnerability analysis of web applications through security slicing and hybrid constraint solving. IEEE Trans. Softw. Eng. Trans. Softw. Eng. 46(2), 163\u2013195 (2020). https:\/\/doi.org\/10.1109\/tse.2018.2844343","journal-title":"IEEE Trans. Softw. Eng. Trans. Softw. Eng."},{"issue":"1\u20132","key":"518_CR83","first-page":"028","volume":"17","author":"MK Gupta","year":"2018","unstructured":"Gupta, M.K., Govil, M.C., Singh, G.: Text-mining and pattern-matching based prediction models for detecting vulnerable files in web applications. J. Web Eng. 17(1\u20132), 028\u2013044 (2018)","journal-title":"J. Web Eng."},{"key":"518_CR84","doi-asserted-by":"publisher","unstructured":"Agosta, G., Barenghi, A., Parata, A., Pelosi, G.: Automated security analysis of dynamic web applications through symbolic code execution. In: 2012 Ninth International Conference on Information Technology\u2014New Generations. IEEE [Online] (2012). https:\/\/doi.org\/10.1109\/itng.2012.167","DOI":"10.1109\/itng.2012.167"},{"key":"518_CR85","doi-asserted-by":"publisher","unstructured":"Ceccato, M., Nguyen, C.D., Appelt, D., Briand, L. C.: SOFIA: an automated security oracle for black-box testing of SQL-injection vulnerabilities. In: Proceedings of the 31st IEEE\/ACM International Conference on Automated Software Engineering. ACM [Online] (2016). https:\/\/doi.org\/10.1145\/2970276.2970343","DOI":"10.1145\/2970276.2970343"},{"issue":"4","key":"518_CR86","doi-asserted-by":"publisher","first-page":"1470","DOI":"10.1109\/TR.2019.2910285","volume":"68","author":"L Zhang","year":"2019","unstructured":"Zhang, L., Zhang, D., Wang, C., Zhao, J., Zhang, Z.: Art4sqli: the art of SQL injection vulnerability discovery. IEEE Trans. Reliab. 68(4), 1470\u20131489 (2019)","journal-title":"IEEE Trans. Reliab."},{"key":"518_CR87","unstructured":"A survey of large language models (2023)"},{"key":"518_CR88","unstructured":"Charalambous, Y., Tihanyi, N., Jain, R., Sun, Y., Ferrag, M.A., Cordeiro, L.C.: A new era in software security: towards self-healing software via large language models and formal verification (2023)"},{"key":"518_CR89","doi-asserted-by":"crossref","unstructured":"He, J., Vechev, M.: Large language models for code: security hardening and adversarial testing (2023)","DOI":"10.1145\/3576915.3623175"},{"key":"518_CR90","doi-asserted-by":"crossref","unstructured":"Yang, G., Dineen, S., Lin, Z., Liu, X.: Few-sample named entity recognition for security vulnerability reports by fine-tuning pre-trained language models. In: Wang, G., Ciptadi, A., Ahmadzadeh, A. (eds.) Deployable Machine Learning for Security Defense, pp. 55\u201378. Springer, Cham (2021)","DOI":"10.1007\/978-3-030-87839-9_3"},{"key":"518_CR91","doi-asserted-by":"crossref","unstructured":"Pearce, H., Tan, B., Ahmad, B., Karri, R., Dolan-Gavitt, B.: Examining zero-shot vulnerability repair with large language models. In: IEEE Symposium on Security and Privacy (SP), vol. 2023, pp. 2339\u20132356 (2023)","DOI":"10.1109\/SP46215.2023.10179324"},{"key":"518_CR92","doi-asserted-by":"crossref","unstructured":"Noever, D.: Can large language models find and fix vulnerable software? (2023)","DOI":"10.5121\/ijaia.2023.14301"}],"container-title":["Journal of Computer Virology and Hacking Techniques"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-024-00518-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11416-024-00518-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-024-00518-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,15]],"date-time":"2024-10-15T15:09:28Z","timestamp":1729004968000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11416-024-00518-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,4,12]]},"references-count":92,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2024,11]]}},"alternative-id":["518"],"URL":"https:\/\/doi.org\/10.1007\/s11416-024-00518-0","relation":{},"ISSN":["2263-8733"],"issn-type":[{"value":"2263-8733","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,4,12]]},"assertion":[{"value":"19 April 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"21 February 2024","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 April 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declaration"}},{"value":"The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest Declaration"}}]}}