Security Testing project carried on during my first year of master degree: we tested a web application, using the Zed Attack Proxy tool, in order to assess the presence of web vulnerability, among which SQL injection and XSS vulnerabilities.
We used jwebunit and Webtester to define Java classes and automatically perform vulnerability test: the javascript code also include a possible mitigation for the vulnerabilties.
For a detailed description, read the Report.pdf file.