摘要 |
A method and a system for determining vulnerability of web application are provided to classifies the factor included in the uniform resource locator(URL) and selectively determines the vulnerability of web application. A uniform resource locator link extracting unit(110) extracts the uniform resource locator link from the corresponding website. The fixing factor screening device(112) selects the fixing factor in the uniform resource locator link. The duplication check determining unit(114) determines whether the vulnerability is determined for the selected fixing factor or not. The offense pattern insertion part(118) inserts the offense pattern that each attack pattern especially predetermines the input value of the fixing factor in which the vulnerability determination is not performed and which is determined. A vulnerability determining unit(122) provides the uniform resource locator link in which the offense pattern is inserted to the web server(300). |