Enhancing Web Applications Observability through Instrumented Automated Browsers

In software engineering, observability is the ability to determine the current state of a software system based on its external outputs or signals such as metrics, logs, or traces. Web engineers rely on the web browser console as the primary tool to monitor the client-side of web applications during end-to-end tests. However, this is a manual and time-consuming task due to the different browsers available. This paper presents BrowserWatcher, an open-source browser extension providing cross-browser capabilities to observe web applications and automatically gather browser console logs in different browsers (e.g., Chrome, Firefox, or Edge). We have leveraged this extension to conduct an empirical study analyzing the browser console of the top-50 public websites manually and automatically. The results show that BrowserWatcher gathers all the well-known log categories such as console or error traces. It also reveals that each web browser additionally includes other types of logs, which differ among browsers, thus providing distinct pieces of information for the same website.This work was partially supported in part by the Ministerio de Ciencia e Innovación-Agencia Estatal de Investigación, Spain (10.13039/501100011033) through the H2O Learn project under Grant PID2020-112584RB-C31, in part by the Madrid Regional Government through the e-Madrid-CM Project, Spain under Grant S2018/TCS-4307, and in part supported by the Comunidad de Madrid and Universidad Politécnica de Madrid, Spain through the V-PRICIT Research Programme Apoyo a la realización de Proyectos de I+D para jóvenes investigadores UPM-CAM, under Grant APOYOJOVENES-QINIM8-72-PKGQ0J. Funding for Article Processing Charge (APC): Universidad Carlos III de Madrid (Read & Publish Agreement CRUE-CSIC 2023)

Impact Analysis of Malware Based on Call Network API with Heuristic Detection Method

Malware is a program that has a negative influence on computer systems that don\u27t have user permissions. The purpose of making malware by hackers is to get profits in an illegal way. Therefore, we need a malware analysis. Malware analysis aims to determine the specifics of malware so that security can be built to protect computer devices. One method for analyzing malware is heuristic detection. Heuristic detection is an analytical method that allows finding new types of malware in a file or application. Many malwares are made to attack through the internet because of technological advancements. Based on these conditions, the malware analysis is carried out using the API call network with the heuristic detection method. This aims to identify the behavior of malware that attacks the network. The results of the analysis carried out are that most malware is spyware, which is lurking user activity and retrieving user data without the user\u27s knowledge. In addition, there is also malware that is adware, which displays advertisements through pop-up windows on computer devices that interfaces with user activity. So that with these results, it can also be identified actions that can be taken by the user to protect his computer device, such as by installing antivirus or antimalware, not downloading unauthorized applications and not accessing unsafe websites. &nbsp

X.509 certificate error testing

X.509 Certificates are used by a wide range of technologies to verify identities, while the SSL protocol is used to provide a secure encrypted tunnel through which data can be sent over a public network. Combined both of these technologies provides the basis of the public key infrastructure (PKI). While the concept of PKI is a good idea, the different implementation of the technologies in different operating system and clients often lead to weaknesses. This paper proposes a methodology to automate the testing of SSL clients by generating both bogus and malformed certificates in order to evaluate the client’s response and identify potential threats to network infrastructures

Mayall:a framework for desktop JavaScript auditing and post-exploitation analysis

Writing desktop applications in JavaScript offers developers the opportunity to write cross-platform applications with cutting edge capabilities. However in doing so, they are potentially submitting their code to a number of unsanctioned modifications from malicious actors. Electron is one such JavaScript application framework which facilitates this multi-platform out-the-box paradigm and is based upon the Node.js JavaScript runtime --- an increasingly popular server-side technology. In bringing this technology to the client-side environment, previously unrealized risks are exposed to users due to the powerful system programming interface that Node.js exposes. In a concerted effort to highlight previously unexposed risks in these rapidly expanding frameworks, this paper presents the Mayall Framework, an extensible toolkit aimed at JavaScript security auditing and post-exploitation analysis. The paper also exposes fifteen highly popular Electron applications and demonstrates that two thirds of applications were found to be using known vulnerable elements with high CVSS scores. Moreover, this paper discloses a wide-reaching and overlooked vulnerability within the Electron Framework which is a direct byproduct of shipping the runtime unaltered with each application, allowing malicious actors to modify source code and inject covert malware inside verified and signed applications without restriction. Finally, a number of injection vectors are explored and appropriate remediations are proposed