AJAX spider

E831599

security scanner module web application security testing tool component web crawler

AJAX Spider is a web application security testing tool component that automatically crawls and discovers content in modern, JavaScript-heavy web applications to support vulnerability analysis.

Try in SPARQL Jump to: Surface forms Statements Referenced by

Observed surface forms (1)

Surface form	Occurrences
AJAX Spider	0

Statements (46)

Predicate	Object
instanceOf	security scanner module ⓘ web application security testing tool component ⓘ web crawler ⓘ
benefit	helps identify security-relevant endpoints ⓘ increases test coverage for JavaScript-heavy sites ⓘ reduces manual effort in exploring dynamic content ⓘ
canBeConfiguredFor	authentication handling ⓘ crawl depth ⓘ scope limitations ⓘ
capability	discover hidden or hard-to-reach content ⓘ execute client-side JavaScript ⓘ follow AJAX-driven navigation flows ⓘ identify dynamically generated URLs ⓘ interact with dynamic page elements ⓘ
category	application security tooling ⓘ dynamic analysis tooling ⓘ
designedFor	AJAX-based web applications ⓘ JavaScript-heavy web applications ⓘ modern web applications ⓘ
differenceFrom	traditional web spider relies mainly on static HTML links ⓘ
focus	asynchronous HTTP requests ⓘ client-side rendered content ⓘ dynamic DOM changes ⓘ
goal	improve coverage of security scans on dynamic applications ⓘ map application attack surface ⓘ
output	discovered forms and input points ⓘ list of discovered URLs ⓘ list of discovered parameters ⓘ navigation paths within the application ⓘ
primaryFunction	automatically crawl web applications ⓘ discover web application content ⓘ enumerate application endpoints ⓘ support subsequent security scanning ⓘ
relatedTo	traditional web spider ⓘ
supports	vulnerability analysis ⓘ web application security testing ⓘ
supportsTechnology	AJAX NERFINISHED ⓘ JavaScript NERFINISHED ⓘ single-page application patterns ⓘ
typicalUse	run before active vulnerability scanning ⓘ used to build target site map ⓘ
usedBy	application security engineers ⓘ penetration testers ⓘ security testers ⓘ
usedIn	automated security assessment pipelines ⓘ web application penetration testing workflows ⓘ

Referenced by (1)

Full triples — surface form annotated when it differs from this entity's canonical label.

OWASP ZAP → feature → AJAX spider ⓘ