Cross Platform Web based Fuzzing

DSpace/Manakin Repository

Show simple item record

dc.contributor.advisor Focardi, Riccardo it_IT
dc.contributor.author Khan, Muhammad Jalil <1995> it_IT
dc.date.accessioned 2024-02-05 it_IT
dc.date.accessioned 2024-05-08T12:14:12Z
dc.date.issued 2024-03-27 it_IT
dc.identifier.uri http://hdl.handle.net/10579/26017
dc.description.abstract We use web applications on daily basis. Web applications are found on all sort of devices such as phones tablets, TVs and computers. As the utilization of web applications increases, the need to keep them safe also increases. Security in any type of software is an extremely important aspect, it is therefore, the responsibility of the software developers to keep the user’s data safe. Fuzzing, or Fuzz testing provides an informal way to test software’s and web applications without the need for human contact or experience. Web based fuzzing is not the same as, regular fuzzing. They do not produce any random input data themselves, but instead they use different word lists and other payloads as inputs for different purposes. This thesis compares the performance of the two command-line web fuzzers Wfuzz, Ffuf and a windows based tool called BurpSuite with each other. First assumption was that BurpSuite is the better tool because it is easier to install and use with a simple GUI. On the other hand, Wfuzz and Ffuf are command line tools with no GUI. Ffuf uses the least memory followed by Wfuzz and BurpSuite. While in CPU usage BurpSuite is the winner followed by Ffuf. For comparison Memory usage and CPU utilization were used. The final verdict of the comparison is that even though BurpSuite is easier to use with GUI but it is not open source although Ffuf is a newer tool and open source but the ideal choice is Wfuzz because it is well established and open source tool. it_IT
dc.language.iso en it_IT
dc.publisher Università Ca' Foscari Venezia it_IT
dc.rights © Muhammad Jalil Khan, 2024 it_IT
dc.title Cross Platform Web based Fuzzing it_IT
dc.title.alternative Cross Platform Web Based Fuzzing it_IT
dc.type Master's Degree Thesis it_IT
dc.degree.name Informatica - computer science it_IT
dc.degree.level Laurea magistrale it_IT
dc.degree.grantor Dipartimento di Scienze Ambientali, Informatica e Statistica it_IT
dc.description.academicyear 2022/2023 - sessione straordinaria it_IT
dc.rights.accessrights closedAccess it_IT
dc.thesis.matricno 888330 it_IT
dc.subject.miur INF/01 INFORMATICA it_IT
dc.description.note it_IT
dc.degree.discipline it_IT
dc.contributor.co-advisor it_IT
dc.date.embargoend 10000-01-01
dc.provenance.upload Muhammad Jalil Khan (888330@stud.unive.it), 2024-02-05 it_IT
dc.provenance.plagiarycheck Riccardo Focardi (focardi@unive.it), 2024-03-04 it_IT


Files in this item

This item appears in the following Collection(s)

Show simple item record