TY  - JOUR
AU  - Al Hindi, Ghosoun 
AU  - Alshraideh, Mohammad 
AU  - Hussein, Abdelrahman H. 
AU  - Eliyan, Lubna Fayez 
AU  - Al-Dhaqm, Arafat 
PY  - 2025
TI  - Hacking Back: Using Genetic Algorithms to Outsmart Hackers
JF  - Journal of Computer Science
VL  - 21
IS  - 9
DO  - 10.3844/jcssp.2025.2049.2064
UR  - https://thescipub.com/abstract/jcssp.2025.2049.2064
AB  - Web applications are widely used in today's digital landscape, necessitating robust security measures to protect against unauthorized access by malicious users. Ensuring the security of these applications requires effectively identifying and addressing vulnerabilities. This paper proposes an automated methodology for vulnerability detection, utilizing a genetic algorithm to generate test cases, which offers greater efficiency and performance compared to resource-intensive and time-consuming manual approaches. Our research highlights the effectiveness of genetic algorithms as test data generators, leveraging insights from previous studies. Given the varying severity of Structured Query Language (SQL) injection attacks, those capable of executing destructive commands, such as the "drop" command, pose a more significant threat than those that merely disclose information. We employ both white-box and black-box testing methodologies to detect SQL injection vulnerabilities. Black box testing is utilized when the source code is unavailable, while white box testing is applied when the source code is accessible. Our findings suggest that white box testing, particularly static analysis, is more effective in identifying vulnerabilities. This study aims to enhance web application security by utilizing genetic algorithms to generate optimal test cases for vulnerability detection, providing a comprehensive approach that integrates white-box and black-box testing.