Design And Implementation Of A Web Application Security Vulnerability Testing Tool Punks

The security of web application has already become the focus in network security area; it was increasingly attached importance to find out a number of securities vulnerability in web application. In this context, we studied the class and disserve of web application security vulnerability and compared the static vulnerability test to the dynamic vulnerability test. We pointed out that the dynamic vulnerability test is the most suited mean to test the web application security vulnerability. Based on this, we designed and implemented a web application security vulnerability testing tool--Punks. The design and implementation of crawler module of Punks is root in rewriting of an open source crawler, HarvestMan. For the sake of high ability, we designed and implemented an inject/analyze module which sustained by queue buffer and multithreading. We also made integrated the two modules well and implemented a web application security vulnerability testing tool with high ability.