# Web Application Security

Security is a critical part of your Web applications. Web applications by definition allow users access to a central resource, the Web server, and through it to others such as database servers. By understanding and implementing proper security measures, you guard your own resources and provide a secure environment in which users are comfortable working with your application. All this can be done with the help of a web application vulnerability scanner.

Multiple web application vulnerability scanners are available on the market:

- Acunetix Scanner (acunetix.com)
- Arachni Scanner (arachni-scanner.com)
- Detectify (detectify.com)
- Netsparker (netsparker.com)
- pentest-tools (pentest-tools.com)

Accessible 24/7 from anywhere in the world, Web applications are more vulnerable than any other software application. Their vulnerabilities lead to financial loss and to theft of sensitive corporate data such as credit card information and customer lists.

The Secure Web Application Penetration Testing (SWAPT) tool is an online web application that assesses security vulnerabilities in web applications and produces a set of scan results. Web applications are typically developed under hard time constraints and are often deployed with security vulnerabilities. The SWAPT web vulnerability scanner can help locate these vulnerabilities. The tool can be used for fixing or exploiting a system, so administrators need to conduct a scan and fix problems before an attacker can run the same scan and exploit any vulnerability.

# Project Scope

Our project will be able to:

- Scan and detect vulnerabilities.
- Analyze the response from web applications and detect vulnerabilities.
- Show vulnerability results in a form that is easily understood without extensive know-how of cyber security.

Operating System - Kali Linux
Database - PostgreSQL
IDE - Visual Studio Code
Web Framework - Django
Other technologies - HTML, CSS, Bootstrap, JavaScript, Jinja etc.

Heroku Cloud Web Hosting is needed to host the project online and make it available 24/7. Because the project consists of a web application, hosting is necessary for it.

The main objective of our project will be to detect the following:

- Detect Target Technology
- Detect CVE (Common Vulnerabilities and Exposures)

The Project Deliverables are as follows:

- Web Crawler for Gathering URLs (Completed)
- Subdomains Enumeration (Completed)
- HTTP Verb Tampering (Completed)
- Full Scanning (90% Completed)
- Live Host Scanning (In Progress)
- Directory Scanning (In Progress)
- SSH Dictionary Attack on target Server (In Progress)

Website security is a critical part of the web applications for any organization. The only way to combat the Web application security threat is to proactively scan websites and Web applications for vulnerabilities and then fix them. Implementing a web application scanning solution must be a crucial part of any organization’s overall strategy.

