SWAT
SWAT (Symbolic Web Application Testing) is an advanced tool for analyzing Java web applications. It detects vulnerabilities and errors through concolic execution. SWAT has been developed from the CATG concept and specially adapted for this purpose.
The architecture of SWAT is characterized by its modularity and extensibility. The tool implements dynamic symbolic execution using a Java Agent and the ASM library. It utilizes JavaSMT for creating symbolic formulas. After execution, SWAT submits the collected constraints in SMT-LIB format to a coordinator, who decides which constraints will be solved next. The coordinator then sends new inputs to the target web application or initiates the software under test with them. Currently, SWAT uses the symbolic solver Z3.
Authors:
Nils Loose
Felix Mächtle
Florian Sieck