Web Security

Web Security aims to study and identify web application vulnerabilities that, if exploited, may allow the attacker to gain administrative privileges, access data saved inside the backend database, or send commands to make remote code execution (RCE).

Web security research is a systematic and continuous process of identifying vulnerabilities, weaknesses, and threats within web-based applications, systems, and protocols. It involves analyzing various aspects of web technologies, including the underlying infrastructure, frameworks, and coding practices, to identify potential security flaws.

Our primary research topics in web security focus on constructing methodologies and tools to analyze and detect web-based vulnerabilities like Cross-Site Scripting (XSS) and Server-Side Template Injection (SSTI).