Análisis y optimización del proceso de validación de ataques de secuencia de comandos en sitios cruzados (Xss) empleando burp suite para evadir medidas de seguridad

Toshiro Nagata Bolivar; Marjorye S.Alemán Delgado; Yury A.Toro Flores; Fancy U.Rivas Almonte

Análisis y optimización del proceso de validación de ataques de secuencia de comandos en sitios cruzados (Xss) empleando burp suite para evadir medidas de seguridad

Toshiro Nagata Bolivar, Marjorye S.Alemán Delgado, Yury A.Toro Flores, Fancy U.Rivas Almonte

Departamento Académico de Educación

Resultado de la investigación: Contribución a una revista › Artículo › revisión exhaustiva

Resumen

Currently Cross Site Scripting (XSS) attacks are one of the main threats to web applications. This XSS vulnerability is among the top 10 vulnerabilities in web applications according to OWASP top 10 as seen in https://wiki.owasp.org/ images/5/5e/OWASP-Top-10-2017-es.pdf. Although identifying a malicious script is an important part of defending a web application, current security measures are not sufficient. efficient. This article investigates the use of the Burp Suite tool for analysis and optimization of the different types of XSS attacks using Burp Suite, in the same way that this tool allows to speed up the search and exploitation process with greater efficiency compared to other available tools.

Título traducido de la contribución	Analysis and optimization of the cross-site scripting (Xss) attack validation process using burp suite to evade security measures
Idioma original	Español
Páginas (desde-hasta)	414-432
Número de páginas	19
Publicación	RISTI - Revista Iberica de Sistemas e Tecnologias de Informacao
Volumen	2021
N.º	E39
Estado	Publicada - ene. 2021

Nota bibliográfica

Publisher Copyright:
© 2021, Associacao Iberica de Sistemas e Tecnologias de Informacao. All rights reserved.

Palabras clave

Burp Suite
Cross-site scripting (XSS)
Security evasion

Otros archivos y enlaces

Enlace a la publicación en Scopus

Citar esto

@article{20b5064e167040489b6e2cbeeef18c9b,

title = "An{\'a}lisis y optimizaci{\'o}n del proceso de validaci{\'o}n de ataques de secuencia de comandos en sitios cruzados (Xss) empleando burp suite para evadir medidas de seguridad",

abstract = "Currently Cross Site Scripting (XSS) attacks are one of the main threats to web applications. This XSS vulnerability is among the top 10 vulnerabilities in web applications according to OWASP top 10 as seen in https://wiki.owasp.org/ images/5/5e/OWASP-Top-10-2017-es.pdf. Although identifying a malicious script is an important part of defending a web application, current security measures are not sufficient. efficient. This article investigates the use of the Burp Suite tool for analysis and optimization of the different types of XSS attacks using Burp Suite, in the same way that this tool allows to speed up the search and exploitation process with greater efficiency compared to other available tools.",

keywords = "Burp Suite, Cross-site scripting (XSS), Security evasion",

author = "Bolivar, {Toshiro Nagata} and Delgado, {Marjorye S.Alem{\'a}n} and Flores, {Yury A.Toro} and Almonte, {Fancy U.Rivas}",

year = "2021",

month = jan,

language = "Espa{\~n}ol",

volume = "2021",

pages = "414--432",

journal = "RISTI - Revista Iberica de Sistemas e Tecnologias de Informacao",

issn = "1646-9895",

publisher = "Associacao Iberica de Sistemas e Tecnologias de Informacao (AISTI)",

number = "E39",

}

Análisis y optimización del proceso de validación de ataques de secuencia de comandos en sitios cruzados (Xss) empleando burp suite para evadir medidas de seguridad. / Bolivar, Toshiro Nagata; Delgado, Marjorye S.Alemán; Flores, Yury A.Toro et al.

En: RISTI - Revista Iberica de Sistemas e Tecnologias de Informacao, Vol. 2021, N.º E39, 01.2021, p. 414-432.

Resultado de la investigación: Contribución a una revista › Artículo › revisión exhaustiva

TY - JOUR

T1 - Análisis y optimización del proceso de validación de ataques de secuencia de comandos en sitios cruzados (Xss) empleando burp suite para evadir medidas de seguridad

AU - Bolivar, Toshiro Nagata

AU - Delgado, Marjorye S.Alemán

AU - Flores, Yury A.Toro

AU - Almonte, Fancy U.Rivas

PY - 2021/1

Y1 - 2021/1

N2 - Currently Cross Site Scripting (XSS) attacks are one of the main threats to web applications. This XSS vulnerability is among the top 10 vulnerabilities in web applications according to OWASP top 10 as seen in https://wiki.owasp.org/ images/5/5e/OWASP-Top-10-2017-es.pdf. Although identifying a malicious script is an important part of defending a web application, current security measures are not sufficient. efficient. This article investigates the use of the Burp Suite tool for analysis and optimization of the different types of XSS attacks using Burp Suite, in the same way that this tool allows to speed up the search and exploitation process with greater efficiency compared to other available tools.

AB - Currently Cross Site Scripting (XSS) attacks are one of the main threats to web applications. This XSS vulnerability is among the top 10 vulnerabilities in web applications according to OWASP top 10 as seen in https://wiki.owasp.org/ images/5/5e/OWASP-Top-10-2017-es.pdf. Although identifying a malicious script is an important part of defending a web application, current security measures are not sufficient. efficient. This article investigates the use of the Burp Suite tool for analysis and optimization of the different types of XSS attacks using Burp Suite, in the same way that this tool allows to speed up the search and exploitation process with greater efficiency compared to other available tools.

KW - Burp Suite

KW - Cross-site scripting (XSS)

KW - Security evasion

UR - http://www.scopus.com/inward/record.url?scp=85101945115&partnerID=8YFLogxK

M3 - Artículo

AN - SCOPUS:85101945115

VL - 2021

SP - 414

EP - 432

JO - RISTI - Revista Iberica de Sistemas e Tecnologias de Informacao

JF - RISTI - Revista Iberica de Sistemas e Tecnologias de Informacao

SN - 1646-9895

IS - E39

ER -