Research Tools and Infrastructure

Perform automated penetration testing of a web application for vulnerability to SQL injection attacks. This tool combines SQLMap with WASP and WAM to provide a framework that automatically generates pen-testing inputs and detects when an input has successfully discovered a vulnerability. Available on request.
Verify interactions between components of a web application. This tool performs a static analysis of a web application in order to identify invocations generated by the application. WAIVE then verifies the invocations against the set of interfaces identified by the WAM tool. Available on request.
Identify web application interfaces. This tool performs a static analysis of a web application in order to identify the parameters that comprise the application's interfaces and domain constraints on the parameters. Available on request.
SQL Injection Testbed
Testbed of vulnerable web applications along with corresponding test datasets that include legitimate accesses and SQL injection attacks.
Protect web applications from SQL injection attacks. WASP uses positive tainting, which identifies and marks trusted strings in a web application, and syntax-aware evaluation, which controls the usage of strings in database queries based on their trust markings and syntactic position. WASP also uses MetaStrings, a library that I developed to track taint information at the character level. Currently, WASP is in commercialization.
Measure command-form coverage of a test suite. This tool identifies testing requirements based on the command-form coverage criterion and monitors coverage of the criterion during testing. DITTO is available on request.
Protect web applications from SQL injection attacks. This tool uses a conservative static analysis to build a model of the legitimate queries that can be generated by a web application. At runtime, it checks that each query complies with the model.