Skip to contentScholarGate
LibraryBookshelfDeskReview StudioAssistant
Sign in
Dynamic Application Security Testing/Evidence
Method evidence record

Dynamic Application Security Testing

Dynamic Application Security Testing (DAST) is a security analysis technique that tests a running application by sending various inputs and observing responses to identify vulnerabilities and security flaws. Developed in the 2000s as a complement to static analysis, DAST exercises the application at runtime, finding vulnerabilities that only manifest during execution such as authentication bypass, insecure redirects, and logic flaws. DAST is commonly used for web application testing and is considered a black-box testing approach since the tester requires no knowledge of internal code structure.

Sources recorded, not reviewed

Source record

Citations copied verbatim from the method’s source record. No claim-level verification is inferred from them.

Dynamic Application Security Testing (DAST)
Taxonomic method record · ml-model / cryptography
  • Kals, S., Kirda, E., Kruegel, C., & Jovanovic, N. (2006). Secubat: A web vulnerability scanner. In Proceedings of the 15th International Conference on World Wide Web (WWW 2006), pp. 247-256. · DOI 10.1145/1135777.1135817
  • McAllister, S., & Kirda, E. (2008). Vulnerability scanning web applications. In Web Application Security, pp. 201-230. · URL
Open full method

Curated claims

Claims persisted in the evidence ledger, each with its own assessment.

No curated claims yet

This view does not invent a claim assessment when the ledger has none.

Related methods

Generated from the method graph and shown as machine-suggested relations — no evidence claim is inferred.

Same method familyFuzzingmachine-suggested · Relational suggestion, not evidence.Taxonomic bucketStatic Application Security Testingmachine-suggested · Relational suggestion, not evidence.Same method familyTaint Analysismachine-suggested · Relational suggestion, not evidence.

Evidence status

Sources recorded, not reviewed

Bibliographic sources are present. Claim-level evidence review has not been performed.

Sources

2 recorded citations, copied from the method source record.

Actions

Open method page
ScholarGate

A content-first reference library for research methods — what each one is, how it works, and where it comes from.

Open data (CC-BY)

Explore

  • Library
  • Search the library…
  • Browse by field
  • Fields
  • Journey
  • Compare
  • Which method?

Reference

  • Subjects
  • Atlas
  • Glossary
  • Methodology
  • Philosophy

Your tools

  • Bookshelf
  • Desk
  • Chat

Company

  • About
  • Pricing
  • Contact
  • Suggest a method

Entries are compiled from published sources for reference. Verifying the accuracy and suitability of any information for your own use remains your responsibility.

© 2026 ScholarGate · A research-method reference library
  • Privacy
  • Cookies
  • Terms
  • Delete account