The present invention generally relates to testing applications for risk management and security, and more particularly to testing applications with dynamic pages.
Dynamic program analysis is the analysis of computer software that is performed by executing programs built from that software system on a real or virtual processor. For dynamic program analysis to be effective, the target program must be executed with sufficient test inputs to produce interesting behavior
JavaScript is rapidly gaining in popularity because it enables programmers to write rich web applications with full-featured user interfaces and portability across desktop and mobile platforms. Recently, pointer analysis for JavaScript has been used to enable applications such as finding security vulnerabilities [10, 11], bug finding [13], and automated refactoring [8]. However, the presence of several hard-to-analyze language features in JavaScript and other scripting languages has a detrimental impact on the scalability and precision of traditional points-to analysis algorithms such as Andersen's analysis, making the applications of such algorithms impractical for those languages. Thus, there is need for techniques that make pointer analysis for languages such as JavaScript practical.