Idea: Using System Level Testing for Revealing SQL Injection-Related Error Message Information Leaks: Difference between revisions
Programsam (talk | contribs) |
Programsam (talk | contribs) |
||
| Line 127: | Line 127: | ||
# The approach we propose in this paper tests the web application in the context of its server; a system level technique. However, our approach also targets specific areas (“hotspots”) of the web application; a unit level technique. Thus, the way we use HtmlUnit in our case study is a hybrid of system level and unit level approaches, which is technically considered grey box testing <sup>[8, 9]</sup>. | # The approach we propose in this paper tests the web application in the context of its server; a system level technique. However, our approach also targets specific areas (“hotspots”) of the web application; a unit level technique. Thus, the way we use HtmlUnit in our case study is a hybrid of system level and unit level approaches, which is technically considered grey box testing <sup>[8, 9]</sup>. | ||
# http://www.mysql.com | # http://www.mysql.com | ||
# http://www.hibernate. | # http://www.hibernate.org/ | ||
# http://sourceforge.net | # http://sourceforge.net | ||
# http://eclipse.org/webtools/ | # http://eclipse.org/webtools/ | ||