Robin: A Web Security Tool
This tool addresses security flaws in web applications to protect user data, but it appears incremental as it builds on existing penetration testing methods.
The paper introduces Robin, a web security tool designed to help professionals perform penetration tests on web applications, and reports a real case study where it identified a dangerous vulnerability.
Thanks to the advance of technology, all kinds of applications are becoming more complete and capable of performing complex tasks that save much of our time. But to perform these tasks, applications require that some personal information are shared, for example credit card, bank accounts, email addresses, etc. All these data must be transferred securely between the final user and the institution application. Nonetheless, several applications might contain residual flaws that may be explored by criminals in order to steal users data. Hence, to help information security professionals and developers to perform penetration tests (pentests) on web applications, this paper presents Robin: A Web Security Tool. The tool is also applied to a real case study in which a very dangerous vulnerability was found. This vulnerability is also described in this paper.