Análisis y optimización del proceso de validación de ataques de secuencia de comandos en sitios cruzados (Xss) empleando burp suite para evadir medidas de seguridad

Toshiro Nagata Bolivar; Marjorye S.Alemán Delgado; Yury A.Toro Flores; Fancy U.Rivas Almonte

Análisis y optimización del proceso de validación de ataques de secuencia de comandos en sitios cruzados (Xss) empleando burp suite para evadir medidas de seguridad

Translated title of the contribution: Analysis and optimization of the cross-site scripting (Xss) attack validation process using burp suite to evade security measures

Toshiro Nagata Bolivar, Marjorye S.Alemán Delgado, Yury A.Toro Flores, Fancy U.Rivas Almonte

Departamento Académico de Educación

Research output: Contribution to journal › Article › peer-review

Abstract

Currently Cross Site Scripting (XSS) attacks are one of the main threats to web applications. This XSS vulnerability is among the top 10 vulnerabilities in web applications according to OWASP top 10 as seen in https://wiki.owasp.org/ images/5/5e/OWASP-Top-10-2017-es.pdf. Although identifying a malicious script is an important part of defending a web application, current security measures are not sufficient. efficient. This article investigates the use of the Burp Suite tool for analysis and optimization of the different types of XSS attacks using Burp Suite, in the same way that this tool allows to speed up the search and exploitation process with greater efficiency compared to other available tools.

Translated title of the contribution	Analysis and optimization of the cross-site scripting (Xss) attack validation process using burp suite to evade security measures
Original language	Spanish
Pages (from-to)	414-432
Number of pages	19
Journal	RISTI - Revista Iberica de Sistemas e Tecnologias de Informacao
Volume	2021
Issue number	E39
State	Published - Jan 2021

Bibliographical note

Publisher Copyright:
© 2021, Associacao Iberica de Sistemas e Tecnologias de Informacao. All rights reserved.

Cite this

@article{20b5064e167040489b6e2cbeeef18c9b,

title = "An{\'a}lisis y optimizaci{\'o}n del proceso de validaci{\'o}n de ataques de secuencia de comandos en sitios cruzados (Xss) empleando burp suite para evadir medidas de seguridad",

abstract = "Currently Cross Site Scripting (XSS) attacks are one of the main threats to web applications. This XSS vulnerability is among the top 10 vulnerabilities in web applications according to OWASP top 10 as seen in https://wiki.owasp.org/ images/5/5e/OWASP-Top-10-2017-es.pdf. Although identifying a malicious script is an important part of defending a web application, current security measures are not sufficient. efficient. This article investigates the use of the Burp Suite tool for analysis and optimization of the different types of XSS attacks using Burp Suite, in the same way that this tool allows to speed up the search and exploitation process with greater efficiency compared to other available tools.",

keywords = "Burp Suite, Cross-site scripting (XSS), Security evasion",

author = "Bolivar, {Toshiro Nagata} and Delgado, {Marjorye S.Alem{\'a}n} and Flores, {Yury A.Toro} and Almonte, {Fancy U.Rivas}",

year = "2021",

month = jan,

language = "Espa{\~n}ol",

volume = "2021",

pages = "414--432",

journal = "RISTI - Revista Iberica de Sistemas e Tecnologias de Informacao",

issn = "1646-9895",

publisher = "Associacao Iberica de Sistemas e Tecnologias de Informacao (AISTI)",

number = "E39",

}

Análisis y optimización del proceso de validación de ataques de secuencia de comandos en sitios cruzados (Xss) empleando burp suite para evadir medidas de seguridad. / Bolivar, Toshiro Nagata; Delgado, Marjorye S.Alemán; Flores, Yury A.Toro et al.

In: RISTI - Revista Iberica de Sistemas e Tecnologias de Informacao, Vol. 2021, No. E39, 01.2021, p. 414-432.

Research output: Contribution to journal › Article › peer-review

TY - JOUR

T1 - Análisis y optimización del proceso de validación de ataques de secuencia de comandos en sitios cruzados (Xss) empleando burp suite para evadir medidas de seguridad

AU - Bolivar, Toshiro Nagata

AU - Delgado, Marjorye S.Alemán

AU - Flores, Yury A.Toro

AU - Almonte, Fancy U.Rivas

PY - 2021/1

Y1 - 2021/1

N2 - Currently Cross Site Scripting (XSS) attacks are one of the main threats to web applications. This XSS vulnerability is among the top 10 vulnerabilities in web applications according to OWASP top 10 as seen in https://wiki.owasp.org/ images/5/5e/OWASP-Top-10-2017-es.pdf. Although identifying a malicious script is an important part of defending a web application, current security measures are not sufficient. efficient. This article investigates the use of the Burp Suite tool for analysis and optimization of the different types of XSS attacks using Burp Suite, in the same way that this tool allows to speed up the search and exploitation process with greater efficiency compared to other available tools.

AB - Currently Cross Site Scripting (XSS) attacks are one of the main threats to web applications. This XSS vulnerability is among the top 10 vulnerabilities in web applications according to OWASP top 10 as seen in https://wiki.owasp.org/ images/5/5e/OWASP-Top-10-2017-es.pdf. Although identifying a malicious script is an important part of defending a web application, current security measures are not sufficient. efficient. This article investigates the use of the Burp Suite tool for analysis and optimization of the different types of XSS attacks using Burp Suite, in the same way that this tool allows to speed up the search and exploitation process with greater efficiency compared to other available tools.

KW - Burp Suite

KW - Cross-site scripting (XSS)

KW - Security evasion

UR - http://www.scopus.com/inward/record.url?scp=85101945115&partnerID=8YFLogxK

M3 - Artículo

AN - SCOPUS:85101945115

VL - 2021

SP - 414

EP - 432

JO - RISTI - Revista Iberica de Sistemas e Tecnologias de Informacao

JF - RISTI - Revista Iberica de Sistemas e Tecnologias de Informacao

SN - 1646-9895

IS - E39

ER -

Análisis y optimización del proceso de validación de ataques de secuencia de comandos en sitios cruzados (Xss) empleando burp suite para evadir medidas de seguridad

Abstract

Bibliographical note

Other files and links

Cite this