Patent · US Active

Scanning unexposed web applications for vulnerabilities

US11991202B2 · kind B2 · utility

0Cited by

3References

20Claims

0Family size

Assignee

Rapid7, Inc. · US

Inventors

Jijo John · London, CA
Dmitriy Kashitsyn · Yorba Linda, US
Andrew Tisdale · Tecate Mission Road, US

Key dates

Filing date	Dec 8, 2021
Grant date	May 21, 2024
Priority date	—
Expiry date	Feb 27, 2042

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/20
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Disclosed herein are methods, systems, and processes for scanning unexposed web applications for security vulnerabilities. A web application executing on a client computing device is accessed and a determination is made that elements in a document object model (DOM) associated with the web application are completely loaded. A brute force operation is performed to identify unexposed actionable events associated with the elements in the DOM. The unexposed actionable events identified as part of performing the brute force operation are received from the client computing device, and the web application is scanned for security vulnerabilities based on the unexposed actionable events.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.