{"id":"https://openalex.org/W7148461000","doi":"https://doi.org/10.48550/arxiv.2604.00704","title":"AutoEG: Exploiting Known Third-Party Vulnerabilities in Black-Box Web Applications","display_name":"AutoEG: Exploiting Known Third-Party Vulnerabilities in Black-Box Web Applications","publication_year":2026,"publication_date":"2026-04-01","ids":{"openalex":"https://openalex.org/W7148461000","doi":"https://doi.org/10.48550/arxiv.2604.00704"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2604.00704","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.00704","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2604.00704","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Yang, Ruozhao","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Yang, Ruozhao","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":null,"display_name":"Cheng, Mingfei","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Cheng, Mingfei","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5132819392","display_name":"Gelei Deng","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Deng, Gelei","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5132791739","display_name":"Junjie Wang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Wang, Junjie","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5132806349","display_name":"Tianwei Zhang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zhang, Tianwei","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5132798302","display_name":"Xiaofei Xie","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xie, Xiaofei","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9549999833106995,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9549999833106995,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.013799999840557575,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.01119999960064888,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.9656000137329102},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6439999938011169},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.6366000175476074},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.5408999919891357},{"id":"https://openalex.org/keywords/limiting","display_name":"Limiting","score":0.5385000109672546},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.5214999914169312},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.5184000134468079},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.508400022983551}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.9656000137329102},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8234000205993652},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6937000155448914},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6439999938011169},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.6366000175476074},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.5408999919891357},{"id":"https://openalex.org/C188198153","wikidata":"https://www.wikidata.org/wiki/Q1613840","display_name":"Limiting","level":2,"score":0.5385000109672546},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.5214999914169312},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.5184000134468079},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.508400022983551},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.48539999127388},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.46320000290870667},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.426800012588501},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.4242999851703644},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.4097999930381775},{"id":"https://openalex.org/C21593369","wikidata":"https://www.wikidata.org/wiki/Q1032176","display_name":"Countermeasure","level":2,"score":0.3675000071525574},{"id":"https://openalex.org/C77109596","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Application security","level":5,"score":0.31690001487731934},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.31290000677108765},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.2840999960899353},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.2678999900817871},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.25099998712539673}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2604.00704","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.00704","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2604.00704","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.00704","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.40017685294151306,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Large-scale":[0],"web":[1,112],"applications":[2],"are":[3],"widely":[4,38],"deployed":[5],"with":[6,83,152,163],"complex":[7],"third-party":[8],"components,":[9],"inheriting":[10],"security":[11,70],"risks":[12],"arising":[13],"from":[14,76,125],"component":[15],"vulnerabilities.":[16],"Security":[17],"assessment":[18],"is":[19,36],"therefore":[20],"required":[21],"to":[22,60,91],"determine":[23],"whether":[24],"such":[25],"known":[26,49],"vulnerabilities":[27,50,82,162],"remain":[28],"practically":[29],"exploitable":[30],"in":[31,51,68,168],"real":[32],"applications.":[33,113],"Penetration":[34],"testing":[35],"a":[37,102],"adopted":[39],"approach":[40],"that":[41],"validates":[42],"exploitability":[43],"by":[44],"launching":[45],"concrete":[46,142],"attacks":[47],"against":[48],"real-world":[52,93,161],"black-box":[53,111],"systems.":[54],"However,":[55],"existing":[56],"approaches":[57],"often":[58],"fail":[59],"automatically":[61],"generate":[62],"reliable":[63],"exploits,":[64],"limiting":[65],"their":[66],"effectiveness":[67],"practical":[69],"assessment.":[71],"This":[72],"limitation":[73],"mainly":[74],"stems":[75],"two":[77,116],"issues:":[78],"(1)":[79],"precisely":[80],"triggering":[81],"correct":[84],"technical":[85],"details,":[86],"and":[87,129,145,172],"(2)":[88],"adapting":[89],"exploits":[90,148],"diverse":[92],"deployment":[94],"settings.":[95],"In":[96],"this":[97],"paper,":[98],"we":[99],"propose":[100],"AutoEG,":[101],"fully":[103],"automated":[104],"multi-agent":[105],"framework":[106],"for":[107,141],"exploit":[108,174],"generation":[109],"targeting":[110],"AutoEG":[114,119,137,158,176],"has":[115],"phases:":[117],"First,":[118],"extracts":[120],"precise":[121],"vulnerability":[122,127],"trigger":[123,134,139],"logic":[124],"unstructured":[126],"information":[128],"encapsulates":[130],"it":[131],"into":[132],"reusable":[133],"functions.":[135],"Second,":[136],"uses":[138],"functions":[140],"attack":[143,165],"objectives":[144],"iteratively":[146],"refines":[147],"through":[149],"feedback-driven":[150],"interaction":[151],"the":[153],"target":[154],"application.":[155],"We":[156],"evaluate":[157],"on":[159],"104":[160],"29":[164],"objectives,":[166],"resulting":[167],"660":[169],"exploitation":[170],"tasks":[171],"55,440":[173],"attempts.":[175],"achieves":[177],"an":[178],"average":[179],"success":[180],"rate":[181],"of":[182],"82.41%,":[183],"substantially":[184],"outperforming":[185],"state-of-the-art":[186],"baselines,":[187],"whose":[188],"best":[189],"performance":[190],"reaches":[191],"only":[192],"32.88%.":[193]},"counts_by_year":[],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2026-04-03T00:00:00"}