Most existing surveys and reviews on web application vulnerability detection (WAVD)
approaches focus on comparing and summarizing the approaches' technical details …

String constraint solving refers to solving combinatorial problems involving constraints over
string variables. String solving approaches have become popular over the past few years …

Analyzing web applications requires reasoning about strings and non-strings cohesively.
Existing string solvers either ignore non-string program behavior or support limited set of …

Motivated by the vulnerability analysis of web programs which work on string inputs, we
present S3, a new symbolic string solver. Our solver employs a new algorithm for a …

Security auditing of industry-scale software systems mandates automation. Static taint
analysis enables deep and exhaustive tracking of suspicious data flows for detection of …

Most common vulnerabilities in Web applications are due to string manipulation errors in
input validation and sanitization code. String constraint solvers are essential components of …

This paper presents F4F (Framework For Frameworks), a system for effective taint analysis
of framework-based web applications. Most modern web applications utilize one or more …

Remote code execution (RCE) attacks are one of the most prominent security threats for web
applications. It is a special kind of cross-site-scripting (XSS) attack that allows client inputs to …

The scale and complexity of modern software systems complicate manual security auditing.
Automated analysis tools are gradually becoming a necessity. Specifically, static security …

We present a new string SMT solver, Z3str3, that is faster than its competitors Z3str2, Norn,
CVC4, S3, and S3P over a majority of three industrial-strength benchmarks, namely, Kaluza …