What is Amberate?
Amberate is security software that detects vulnerabilities in web applications. By analyzing request and response data, it dynamically generates attacks tailored to individual web applications.
What is a vulnerability?
A vulnerability is a security weakness caused by a software bug and/or a system design flaw. By exploiting a vulnerability, an attacker can deface a web site or disclose users’ private information such as addresses and credit card numbers.
Recently, a number of web sites have been targeted by crackers. Security companies report that web application vulnerabilities account for the majority of computer-related vulnerabilities.
How does Amberate discover vulnerabilities?
Amberate performs a penetration test with dynamically generated attacks tailored to individual web applications. Penetration tests detect vulnerabilities by sending attacks to a web application and checking the success of those attacks.
What is the difference between Amberate and other software that employ similar techniques?
Typically, software that employ penetration tests perform the following 3 steps:
- Detect all slots into which malicious code could be inserted
- Embed a predefined malicious code into a request and sends it to the web application
- Check the success of the attack with string search and syntax analysis
- Detects only relevant slots for each attack
- Executes a dynamically generated attack tailored to the web application
- Checks the success of the attack with string search and both syntax and context analysis
Please provide more detailed information about Amberate’s vulnerability detection technique.
Currently, this information is not made public to avoid additional insecurities. This decision is in accordance with guidelines set by the Japanese government. However, we plan to publish additional permitted information on this web site soon.
How many vulnerabilities has Amberate detected so far?
At this time, 130 vulnerabilities have been detected from the following web sites:
- Japanese federal web sites: 1
- Commercial web sites: 3
- Open source web sites: 17
What kinds of vulnerabilities can Amberate detect?
So far, vulnerability detection techniques have been implemented for the following attacks, however we are still actively developing additional techniques:
- SQL Injection
- Basic SQL Injection
- Stored SQL Injection
- Singular attack (attempting to exploit one potentially vulnerable slot at a time)
- Combination attack (attempting to exploit several potentially vulnerable slots at a time)
- SQL Injection with multibyte characters
- Cross-site Scripting (XSS)
- Reflected XSS
- Stored XSS
- DOM-based XSS
- Singular attack (attempting to exploit one potentially vulnerable slot at a time)
- Combination attack (attempting to exploit several potentially vulnerable slots at a time)
- UTF-7 XSS
- XSS with multibyte characters
- JavaScript Hijacking
- Directory Traversal
- Information Disclosure (partially support)
Can Amberate detect vulnerabilities in Web2.0 technologies such as Ajax?
Yes. Because Amberate is designed with novel techniques, it is capable of detecting vulnerabilities in Web2.0 applications.
Even though web technologies have improved usability and functionality on web sites, attack techniques continue becoming more sophisticated. For example, we can see the following features in recent attacks:
- Attacking the persistent data in databases
- Attacking several vulnerable slots at a time
- Attacking a vulnerability caused by a browser parsing quirk or a web application environment-dependent issue
Who is developing Amberate?
Amberate is being developed by AMBERATE.ORG. For more information about AMBERATE.ORG, please visit this link.
The development of Amberate was funded by the Exploratory Software Project (ESP, or ‘Mitoh’ project in Japanese) in 2008. The ESP is directed by IPA (Information-Technology Promotion Agency), Japan.