Efficient web application vulnerabilities detection Model

Abstract

The web application is gaining tremendous importance due to increased usage of the internet and with this, there is also an increase in attacks on the web applications. This leads to leakage of all the confidential data. For a web application to be completely secure it should not be vulnerable to any attack. Hence there is an emerging need to check the vulnerabilities of web applications. During the detection of vulnerabilities, each attack is carried out manually which requires the knowledge of security testing. This paper explores the characteristics of the proposed security tool. The proposed tool gives an efficient and fast scanning of any web application automatically. OWASP’s top 10 vulnerabilities include Injection, Broken authentication, broken access control, sensitive data exposure, XML, cross site scripting, insecure de-serialisation, security misconfiguration, making use of components with insufficient logging and monitoring and having known vulnerabilities. All these top 10 vulnerabilities of the open web application security project are automatically detected in the tool. Since the tool is automated, it reduces the manpower and the time required to check each vulnerability separately. Threading helps in improved processing and hence generates faster outputs. Automation reduces the entire time needed for the process with 100% efficiency.