@inproceedings{6148ed3e58b34a64906732904f16a223,
title = "Testrex: A testbed for repeatable exploits",
abstract = "{\textcopyright} 2014 USENIX Association. All rights reserved.Web applications are the target of many known exploits and also a fertile ground for the discovery of security vulnerabilities. Those applications may be exploitable not only because of the vulnerabilities in their source code, but also because of the environments on which they are deployed and run. Execution environments usually consist of application servers, databases and other supporting applications. In order to test whether known exploits can be reproduced in different settings, better understand their effects and facilitate the discovery of new vulnerabilities, we need to have a reliable testbed. In this paper, we present TESTREX, a testbed for repeatable exploits, which has as main features: packing and running applications with their environments; injecting exploits and monitoring their success; and generating security reports. We also provide a corpus of example applications, taken from related works or implemented by us.",
author = "S. Dashevskyi and F. Massacci and {dos Santos}, D.R. and A. Sabetta",
year = "2014",
language = "English",
series = "7th Workshop on Cyber Security Experimentation and Test, CSET 2014",
publisher = "USENIX Association",
booktitle = "7th Workshop on Cyber Security Experimentation and Test, CSET 2014",
note = "7th Workshop on Cyber Security Experimentation and Test, CSET 2014 ; Conference date: 18-08-2014",
}