{"id":"https://openalex.org/W3094463643","doi":"https://doi.org/10.1109/icccnt49239.2020.9225385","title":"Automated versus Manual Approach of Web Application Penetration Testing","display_name":"Automated versus Manual Approach of Web Application Penetration Testing","publication_year":2020,"publication_date":"2020-07-01","ids":{"openalex":"https://openalex.org/W3094463643","doi":"https://doi.org/10.1109/icccnt49239.2020.9225385","mag":"3094463643"},"language":"en","primary_location":{"id":"doi:10.1109/icccnt49239.2020.9225385","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icccnt49239.2020.9225385","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5102376136","display_name":"Navneet Singh","orcid":null},"institutions":[{"id":"https://openalex.org/I11880225","display_name":"National Institute of Technology Karnataka","ror":"https://ror.org/01hz4v948","country_code":"IN","type":"education","lineage":["https://openalex.org/I11880225"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Navneet Singh","raw_affiliation_strings":["National Institute of Technology Karnataka, Surathkal, Mangalore, India"],"affiliations":[{"raw_affiliation_string":"National Institute of Technology Karnataka, Surathkal, Mangalore, India","institution_ids":["https://openalex.org/I11880225"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070377226","display_name":"Vishtasp Meherhomji","orcid":null},"institutions":[{"id":"https://openalex.org/I11880225","display_name":"National Institute of Technology Karnataka","ror":"https://ror.org/01hz4v948","country_code":"IN","type":"education","lineage":["https://openalex.org/I11880225"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Vishtasp Meherhomji","raw_affiliation_strings":["National Institute of Technology Karnataka, Surathkal, Mangalore, India"],"affiliations":[{"raw_affiliation_string":"National Institute of Technology Karnataka, Surathkal, Mangalore, India","institution_ids":["https://openalex.org/I11880225"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5009427723","display_name":"B. R. Chandavarkar","orcid":"https://orcid.org/0000-0001-6944-875X"},"institutions":[{"id":"https://openalex.org/I11880225","display_name":"National Institute of Technology Karnataka","ror":"https://ror.org/01hz4v948","country_code":"IN","type":"education","lineage":["https://openalex.org/I11880225"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"B. R. Chandavarkar","raw_affiliation_strings":["National Institute of Technology Karnataka, Surathkal, Mangalore, India"],"affiliations":[{"raw_affiliation_string":"National Institute of Technology Karnataka, Surathkal, Mangalore, India","institution_ids":["https://openalex.org/I11880225"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5102376136"],"corresponding_institution_ids":["https://openalex.org/I11880225"],"apc_list":null,"apc_paid":null,"fwci":4.01,"has_fulltext":false,"cited_by_count":32,"citation_normalized_percentile":{"value":0.9472935,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":93,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7879464626312256},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.7289944291114807},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6894360780715942},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.6797658801078796},{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.6787140369415283},{"id":"https://openalex.org/keywords/web-testing","display_name":"Web testing","score":0.6165221929550171},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.5641770362854004},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.5556408166885376},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.5027620792388916},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.49088555574417114},{"id":"https://openalex.org/keywords/automation","display_name":"Automation","score":0.46826866269111633},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.45674389600753784},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.4202154874801636},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3651108741760254},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.33151423931121826},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.2861595153808594},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.259459912776947},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.1023457944393158},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.10114142298698425},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.07878348231315613}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7879464626312256},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.7289944291114807},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6894360780715942},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.6797658801078796},{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.6787140369415283},{"id":"https://openalex.org/C42989059","wikidata":"https://www.wikidata.org/wiki/Q7978626","display_name":"Web testing","level":5,"score":0.6165221929550171},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.5641770362854004},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.5556408166885376},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.5027620792388916},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.49088555574417114},{"id":"https://openalex.org/C115901376","wikidata":"https://www.wikidata.org/wiki/Q184199","display_name":"Automation","level":2,"score":0.46826866269111633},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.45674389600753784},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.4202154874801636},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3651108741760254},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.33151423931121826},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.2861595153808594},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.259459912776947},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.1023457944393158},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.10114142298698425},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.07878348231315613},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icccnt49239.2020.9225385","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icccnt49239.2020.9225385","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.7200000286102295,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W1998851742","https://openalex.org/W2033395333","https://openalex.org/W2044013929","https://openalex.org/W2082024430","https://openalex.org/W2143244564","https://openalex.org/W2342922302","https://openalex.org/W2578124543","https://openalex.org/W2578193553","https://openalex.org/W2596525465","https://openalex.org/W2782765055","https://openalex.org/W2808680185","https://openalex.org/W2814865250","https://openalex.org/W2891367523","https://openalex.org/W2899076911","https://openalex.org/W2969658140","https://openalex.org/W2982577744","https://openalex.org/W2997555838"],"related_works":["https://openalex.org/W52209804","https://openalex.org/W1668723973","https://openalex.org/W4240401768","https://openalex.org/W2547817202","https://openalex.org/W331060086","https://openalex.org/W2540919174","https://openalex.org/W4385770215","https://openalex.org/W2094754363","https://openalex.org/W4312809367","https://openalex.org/W626641102"],"abstract_inverted_index":{"The":[0,56],"main":[1],"aim":[2],"of":[3,58,146,148],"this":[4,156],"work":[5,138],"is":[6,124],"to":[7,81,101],"find":[8],"and":[9,20,89,94,99],"explain":[10],"certain":[11,114],"scenarios":[12,29,115],"that":[13],"can":[14],"demonstrate":[15],"the":[16,51,127,137,144],"differences":[17],"in":[18,30,44,133,143],"automated":[19],"manual":[21,32,88],"approaches":[22],"for":[23,40,66,129],"penetration":[24],"testing.":[25],"There":[26],"are":[27],"some":[28,48],"which":[31,119,151],"testing":[33],"works":[34],"better":[35,125],"than":[36,126],"automatic":[37,90],"scripts/vulnerability":[38],"scanners":[39],"finding":[41],"security":[42,83,131],"issues":[43,132],"web":[45,60,82,134],"applications.":[46,135],"In":[47],"other":[49,128],"scenarios,":[50],"opposite":[52],"may":[53],"be":[54],"true.":[55],"concepts":[57],"various":[59],"application":[61],"vulnerabilities":[62],"have":[63,96,116],"been":[64,97,117],"used":[65,98,118],"testing,":[67],"including":[68],"OWASP":[69],"<sup":[70],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[71],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">1</sup>":[72],"Open":[73],"Web":[74],"Application":[75],"Security":[76],"Project;":[77],"online":[78],"community":[79],"dedicated":[80],"Top":[84],"10,":[85],"using":[86],"both":[87,149],"approaches.":[91],"Automation":[92],"tools":[93],"scripts":[95],"tested":[100],"see":[102],"what":[103],"could":[104],"potentially":[105],"go":[106],"wrong":[107],"if":[108],"attackers":[109],"exploit":[110],"such":[111],"vulnerabilities.":[112],"Also,":[113],"determine":[120],"whether":[121],"one":[122],"approach":[123],"finding/detecting":[130],"Finally,":[136],"concludes":[139],"by":[140],"providing":[141],"results":[142],"form":[145],"pros-and-cons":[147],"approaches,":[150],"it":[152],"realises":[153],"after":[154],"carrying":[155],"out.":[157]},"counts_by_year":[{"year":2025,"cited_by_count":8},{"year":2024,"cited_by_count":9},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":7},{"year":2021,"cited_by_count":2}],"updated_date":"2026-03-01T08:55:55.761014","created_date":"2025-10-10T00:00:00"}