Eric Olsson
Eric Olsson is a researcher and doctoral student in Computer Science and Engineering at Chalmers University of Technology. His primary focus is on information security. He has made significant contributions to web security, specifically in developing frameworks for detecting fake extensions, scanning for stored Cross-Site Scripting (XSS), and securing JavaScript-driven platforms.
Session
Black-box web application crawling and scanning play an important role for security testing of web applications. Yet state-of-the-art scanners fall short of addressing key characteristics of a modern web application: its extreme dynamism and interactivity on the client side. This paper identifies immersive
interaction as a key ingredient for scanners to deeply explore modern web applications. We propose SpiderSapien, a client-centric crawler and security scanner. SpiderSapien incorporates a unique combination of high-level, user-facing feedback channels from the web application to achieve immersive interaction in a black-box crawling loop. These feedback channels include both novel methods to detect interactable elements and sensibly order UI interactions, and orthogonally using an LLM to solve forms. In
doing so, we demonstrate how to reliably discover and test deep states of modern web applications. Furthermore, our modular approach and useful abstraction layer can serve as a building block for future scanners. The evaluation of our approach shows substantial improvements in both code coverage and vulnerability detection over previous work. Our approach increased average code coverage across applications by at least 46% over any other scanner, or 16% when compared to the union of all other
scanners. We find XSS vulnerabilities in 7 web applications, while any other scanner finds XSS in up to 2 applications.