摘要 |
A recursive web crawling (512) and analysis tool that includes conducting an initial crawl of a target to identify testable or analyzable objects. The objects are then parsed (518) to identify vulnerabilities, as well as additional objects that can be analyzed. An attack is then launched against the analyzable objects in an effort to break or verify the vulnerabilities. During this attack, additional analyzable objects may be discovered. If such additional objects are discovered, the web crawler (512) is invoked on the additional objects as well, and the results of the crawl are fed back into t he parser (518) and attacker functions.
|