System and method for providing application penetration testing

Assignee

• Core SDI Incorporated · US

Inventors

• Alberto Gustavo Soliño Testa · Olavarría, AR
• Gerardo Gabriel Richarte · Olavarría, AR
• Fernando Federico Russ · Olavarría, AR
• Diego Martin Kelyacoubian · Olavarría, AR
• Ariel Futoransky · Olavarría, AR
• Diego Bartolome Tiscornia · Olavarría, AR
• Ariel Waissbein · Olavarría, AR
• Hector Adrian Manrique · Olavarría, AR
• Javier Ricardo De Acha Campos · Olavarría, AR
• Eduardo Arias · Hialeah, US
• Sebastian Pablo Cufre · Olavarría, AR
• Axel Elián Brzostowski · Olavarría, AR

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/577
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A system and method provide application penetration testing. The system contains logic configured to find at least one vulnerability in the application so as to gain access to data associated with the application, logic configured to confirm the vulnerability and determine if the application can be compromised, and logic configured to compromise and analyze the application by extracting or manipulating data from a database associated with the application. In addition, the method provides for penetration testing of a target by: receiving at least one confirmed vulnerability of the target; receiving a method for compromising the confirmed vulnerability of the target; installing a network agent on the target in accordance with the method, wherein the network agent allows a penetration tester to execute arbitrary operating system commands on the target; and executing the arbitrary operating system commands on the target to analyze risk to which the target may be exposed.