Vulnerability Scanning Research Articles

Website scrapping using request library and beautiful Soup for extracting data of malicious website

The main objective of this research is to leverage Python modules like Requests and BeautifulSoup for web scraping, which allows data extraction from malicious websites. The Requests package makes use of HTTP requests to make it easier to retrieve web pages, while BeautifulSoup is used to parse and browse HTML content so that important information can be extracted quickly. The process entails actions like locating potentially harmful URLs, examining webpage components, and extracting pertinent information including URLs, IP addresses, and possibly malicious scripts. As part of the study, the extracted data will also be stored in an organized format for further examination in the field of digital forensics. The project shows how online scraping may be used for cybersecurity, giving analysts and researchers important information about malware distribution channels, phishing URLs, and possible dangers. The outcomes highlight how useful these tools are for automating data collecting, which can improve threat intelligence and help identify cyberthreats early on. The ethical and legal aspects of online scraping are emphasized as being dependent on legal concerns, particularly in delicate situations. To sum up, integrating BeautifulSoup with the Requests library provides a useful method for obtaining useful information from harmful websites, which can help cybersecurity experts reduce risks. To strengthen cybersecurity defenses even further, future study may examine vulnerability scanning of the gathered data using programs like Nessus. Keywords Web Scraping, Malicious Websites, Request Library, BeautifulSoup, Cybersecurity, Digital Forensics, Data Extraction, Threat Intelligence, HTML Parsing, Vulnerability Scanning.

Real-Time Analysis of Sensitive Data Security in Manuscript Transition

Background: Cybersecurity requirements for ensuring data security during research manuscript transit on the journal website require continuous improvement and adherence to best practices. Research data loss can have significant negative consequences across multiple dimensions including time and financial loss. The present research investigates security vulnerabilities during the real-time transit of manuscripts on a journal website. Material and Methods: Website Access: The journal website was accessed, and manuscript components (main manuscript, figures, tables, graphical abstract, funding sources, suggested reviewer, and cover letter) were uploaded. Operating system: Kali Linux, designed for penetration testing and security auditing was used. Tools and software: Nmap (Version 7.95-2) for network discovery and security auditing. Nikto (2.5.0) for web server vulnerability scanning, and Tor (13.0.13) to anonymize web activities. Firefox (127.0.2) as the web browser, and VMware Workstation with Kali Rolling (2023.2 in a virtual environment. Testing phase: Initial upload of the manuscript and supplementary materials. Upload of figures, tables, and graphical abstract. Inclusion of funding sources, suggested reviewers, and cover letter. Data Collection and Analysis: Initial upload of the manuscript and supplementary materials. Upload of figures, tables, and graphical abstract. Inclusion of funding sources, suggested reviewers, and cover letter. Data Collection and Analysis: Network traffic and potential vulnerabilities were monitored on Nmap, Nikto, and Tor. Activities were conducted in the virtual environment of VMware Workstation for controlled and replicable setup. Output measures: Identified and documented potential security gap or vulnerabilities leading to data theft during manuscript transit. Results: An Nmap scan of XXXXXXXX.com (IP: yyyyyyyyyyy) revealed six open ports: 80 (HTTP Apache), 443 (SSL/SMTP Exim), 587 (SMTP Exim), 993 (IMAPS), and 995 (POP3S). each server showed potential vulnerabilities. The scan took 86.15 seconds. Conclusion: The results demonstrate a high risk of exposing sensitive information due to open ports, the presence of potentially outdated services, and the possibility of incomplete detection due to filtered ports pose a high risk of sensitive data during manuscript transit on the website of the journal

A Comprehensive Guide to Secure Build Pipelines with Continuous Scanning

As modern software engineering practices embrace faster release cycles and agile development methodologies, ensuring that security keeps pace has become a critical challenge. Traditional security reviews conducted at the end of the development lifecycle are no longer adequate. Continuous Integration/Continuous Delivery (CI/CD) pipelines and “shift-left” principles have given rise to continuous security scanning integrating security checks directly into the build and deployment processes. This approach not only detects vulnerabilities and misconfigurations earlier but also reduces remediation costs and prevents security issues from reaching production. This paper presents a comprehensive guide to designing and operating secure build pipelines with continuous scanning. We explore the architecture of a typical CI/CD pipeline, identify key security integration points, and discuss various scanning tools and techniques for code quality, open-source dependency checks, container image hardening, infrastructure-as-code validation, and runtime security. Through diagrams, best practices, tables, and real-world case studies, we provide actionable guidance on selecting tools, configuring alerts, enforcing policies, and building a security-aware engineering culture. We also highlight the importance of compliance, secure artifact storage, and integration with Security Information and Event Management (SIEM) systems. By adopting a holistic, automated, and continuously monitored pipeline, organizations can deliver software at speed without compromising on security or compliance requirements. Keywords DevSecOps, CI/CD, Continuous Scanning, Secure Build Pipelines, Software Supply Chain, Shift-Left Security, Vulnerability Scanning, Compliance, Container Security

SQL-Injection Vulnerability Scanning Tool for Automatic Creation of SQL-Injection Attacks

This research introduces an advanced automated scanning tool for detecting and analyzing SQL injection vulnerabilities in web applications, addressing the critical need for robust security testing mechanisms in modern web development. The proposed tool employs sophisticated dynamic analysis techniques combined with machine learning algorithms to automatically generate, execute, and validate SQL injection attack vectors. By implementing a multilayered detection approach, the system first identifies potential injection points through comprehensive input parameter analysis, followed by intelligent payload generation based on database fingerprinting and contextual analysis. The tool incorporates both syntactic and semantic analysis of database responses to effectively distinguish between successful and failed injection attempts, significantly reducing false positives. Advanced features include automated bypass techniques for common defensive mechanisms, support for multiple database management systems (MySQL, PostgreSQL, Oracle, and MS-SQL), and intelligent error pattern recognition. Experimental evaluation conducted across 100 diverse web applications demonstrated a 95% detection rate for known vulnerabilities and an 85% success rate in identifying previously undiscovered SQL injection vulnerabilities. The tool's automated approach significantly reduces the time and expertise required for security testing, making it valuable for both security professionals and development teams implementing secure coding practices. Additionally, the system generates detailed vulnerability reports with remediation recommendations, facilitating efficient security patch implementation. Performance analysis shows that the tool can scan complex web applications with minimal impact on system resources while maintaining high accuracy in vulnerability detection.

PENETRATION TESTING APPROACHES EMPLOYING THE OPENVAS VULNERABILITY MANAGEMENT UTILITY

Currently, issues of security of information systems of critical information infrastructure facilities are becoming relevant. At the same time, the current tasks of an information security (IS) audit of critical information infrastructure objects, as a rule, come down to checking them for compliance with IS requirements. However, with this approach to auditing, the resistance of these objects to real attacks by intruders often remains unclear. To test this resistance, objects are subjected to a testing procedure, namely penetration testing. The goal is a comparative analysis of existing foreign and domestic penetration testing methods and standards. The elements of novelty of the work are the identified features, advantages, disadvantages and scope of applicability of existing standards and methods of penetration testing. This article will review the OpenVAS vulnerability scanner. Readers will become familiar with the basic and advanced functions of the program; its settings depend on the functions and capabilities.

Assessing of software security reliability: Dimensional security assurance techniques

Security plays a crucial role in ensuring the reliability of software systems, making a secure and dependable security framework vital for safeguarding software integrity. However, evaluating the dynamic and multifaceted aspects of security presents significant challenges, as various security metrics and factors complicate the assessment of reliability. This study advances the core concepts of software security through the application of security assurance techniques, including vulnerability scanning, code review, penetration testing, threat assessment, control evaluation, mitigation, risk assessment, and configuration review. In the context of the Software Security Reliability Model (SSRM), a framework was developed to enhance software security assurance across different stages. A comprehensive systematic literature review was conducted to identify security challenges, and the STRIDE and DREAD methodologies were applied to model security threats effectively. Additionally, a mathematical CVSS scoring method was utilized for risk assessment. The synthesis of diverse security methods, tools, attack patterns, and systems was analyzed, identifying 15 critical software security terms: authentication, authorization, encryption, access control, network security, application security, data security, incident response, compliance, threat intelligence, privacy protection, third-party risk, cloud security, endpoint security, and identity management. The findings highlight these terms as key contributors to improving software security reliability.

Assessment of Vulnerabilities in Student Records Web-Based Systems for Public and Private Higher Learning Institutions in Tanzania

In spite that HLIs in Tanzania use web-based systems for managing, storing and processing of HLIs information and data such as website contents, academic results and financial records. The HLIs web-based system have been compromised by attackers due to presence of vulnerabilities. The main objective of this study is to assess the vulnerabilities of Students Records Web-based Systems (SRWBS) for private and public Higher Learning Institutions (HLIs) in Tanzania using black-box testing methodology by employing two automatic vulnerability scanners namely OWASP ZAP (Open Webs Application Security Project Zed Attack Proxy; open-source tool) and Acunetix (proprietary tool). This study assesses the vulnerability of SRWBS for 3 private HLIs and 5 public HLIs in Tanzania. The results reveal the total of 29 vulnerabilities which include but are not limited to Broken Authentication and Session Management, Broken Access Control, Security Misconfiguration, Sensitive Data Exposure, Vulnerable JS (Java Script) Libraries, CSRF (Cros Site Request Forgery), Using Components with Known Vulnerabilities, XSS (Cross Site Script), DOM (Document Object Model) based XSS and Reflected XSS. SRWBS of public HLIs were found more vulnerable by average 44.2% than the SRWBS of private HLIs which were vulnerable by average of 37%. Based on these results, this study provides some recommendations for mitigating vulnerabilities and improving the security of SRWBS for private and public HLIs in Tanzania.

Analysis Vulnerability Website Baleomolcreative dengan Metode Penetration Testing Execution Standard & Vulnerability Assessment Pada Http Response Header Field

This research will analyze web security and how to find out whether there is a vulnerability or what could be called a vulnerability to enter gaps in the Baleomolcreative web, making the web unsafe. In analyzing whether there are vulnerabilities, the Penetration Testing Execution Standard and Vulnerability Assessment methods are used to determine whether there are gaps or vulnerabilities in the Baleomolcreative website that can be exploited by external parties. This method uses tools such as Owasp ZAP, Nikto, and Nmap which can be used to perform vulnerability scanning on a website. In this research, we succeeded in identifying 3 levels of vulnerability on the Baleomolcreative website, namely medium, low, and informational, with a total of 18 alerts generated from notifications on Owasp Zap. The scanning process includes vulnerability testing such as Content Security Policy, Anti-clickjacking Header, Dangerous JS Functions, Permissions Policy, and others.

Vulnerability analysis based on SBOMs: A model proposal for automated vulnerability scanning for CI/CD pipelines

Vulnerability analysis based on SBOMs: A model proposal for automated vulnerability scanning for CI/CD pipelines

Efficient Static Vulnerability Analysis for JavaScript with Multiversion Dependency Graphs

While static analysis tools that rely on Code Property Graphs (CPGs) to detect security vulnerabilities have proven effective, deciding how much information to include in the graphs remains a challenge. Including less information can lead to a more scalable analysis but at the cost of reduced effectiveness in identifying vulnerability patterns, potentially resulting in classification errors. Conversely, more information in the graph allows for a more effective analysis but may affect scalability. For example, scalability issues have been recently highlighted in ODGen, the state-of-the-art CPG-based tool for detecting Node.js vulnerabilities. This paper examines a new point in the design space of CPGs for JavaScript vulnerability detection. We introduce the Multiversion Dependency Graph (MDG), a novel graph-based data structure that captures the state evolution of objects and their properties during program execution. Compared to the graphs used by ODGen, MDGs are significantly simpler without losing key information needed for vulnerability detection. We implemented Graph.js, a new MDG-based static vulnerability scanner specialized in analyzing npm packages and detecting taint-style and prototype pollution vulnerabilities. Our evaluation shows that Graph.js outperforms ODGen by significantly reducing both the false negatives and the analysis time. Additionally, we have identified 49 previously undiscovered vulnerabilities in npm packages.

Enhancing IoT security in wireless local area networks through dynamic vulnerability scanning

Enhancing IoT security in wireless local area networks through dynamic vulnerability scanning

Security Risk Assessment for Patient Portals of Hospitals: A Case Study of Taiwan.

Growing cyberattacks have made it more challenging to maintain healthcare information system (HIS) security in medical institutes, especially for hospitals that provide patient portals to access patient information, such as electronic health record (EHR). This work aims to evaluate the patient portal security risk of Taiwan's EEC (EMR Exchange Center) member hospitals and analyze the association between patient portal security, hospital location, contract category and hospital type. We first collected the basic information of EEC member hospitals, including hospital location, contract category and hospital type. Then, the patient portal security of individual hospitals was evaluated by a well-known vulnerability scanner, UPGUARD, to assess website if vulnerable to high-level attacks such as denial of service attacks or ransomware attacks. Based on their UPSCAN scores, hospitals were classified into four security ratings: absolute low risk, low to medium risk, medium to high risk and high risk. Finally, the associations between security rating, contract category and hospital type were analyzed using chi-square tests. We surveyed a total of 373 EEC member hospitals. Among them, 20 hospital patient portals were rated as "absolute low risk", 104 hospital patient portals as "low to medium risk", 99 hospital patient portals as "medium to high risk" and 150 hospital patient portals as "high risk". Further investigation revealed that the patient portal security of EEC member hospitals was significantly associated with the contract category and hospital type (P<0.001). The analysis results showed that large-scale hospitals generally had higher security levels, implying that the security of low-tier and small-scale hospitals may warrant reinforcement or strengthening. We suggest that hospitals should pay attention to the security risk assessment of their patient portals to preserve patient information privacy.

TRIUMPH OF SECURITY : FORTIFYING DIGITAL FORTRESSES WITH TRIPLE GUARD AUTHENTICATION

Abstract : Network security is crucial in today’s interconnected world, and traditional text-based passwords are insufficient. This paper introduces a Three-Level Security system to enhance protection with a multi-tiered approach: Level-1 Login-based Password, Level-2 Graphical Authentication, and Level-3 Image-Based Password. The system ensures authorized access, defines user permissions, and encrypts data. It includes monitoring, rate limiting, regular updates, and penetration testing, using Python-based tools for vulnerability scanning. Triple Guard encrypts data both at rest and in transit, ensuring confidentiality and integrity. It adaptive to emerging threats and vulnerabilities, integrating Python-based security testing tools for vulnerability scanning and code analysis. By providing developers and administrators with a robust and extensible password security solution . Triple Guard encrypts data both at rest and in transit, preserving its confidentiality and integrity. Index Terms :-. Login Password Authentication, Graphical Authentication, Image Authentication, Python, Chatgpt.

Beyond Bombs: The Growing Threat of Cyberterrorism

Cyberterrorism, which once was a virtual version of physical attacks, has now moved to a digital platform that targets the critical infrastructure. These activities pursue to introduce fear, make a disruption in essential services, and influence politics. On the other hand, a comprehensive strategy should be applied to deal with this dynamic danger. The importance of understanding cyber terrorism lies in the fact that it creates breach of trust, collapse of the system, and sufferings among the population mentally. The economic impacts comprise businesses losses, decline in productivity, and discouragement of foreign investments. Efficient tools such as network security monitoring, vulnerability scanning and threat intelligence can locate anomalous activity as well as loopholes in systems. Strong authentication, employee training, data encryption, and regular backups all lead to a digital environment that is less vulnerable to attack. International cooperation, public education, and constant development are the key aspects for having a preparedness against cyberterrorism. We can accomplish this through collaboration and thereby ensure the safety and security of the digital world. Keywords—Cyberterrorism, digital threats, international cooperation, public awareness, critical infrastructure.

Comprehensive Security for IoT Devices with Kubernetes and Raspberry Pi Cluster

Environmental monitoring systems have gained prominence across diverse applications, necessitating the integration of cutting-edge technologies. This article comprehensively explores such a system, emphasizing the integration of a Raspberry Pi cluster with the BME680 environmental sensor within a Kubernetes framework. This study encompasses the technical aspects of hardware configuration and places a significant focus on security benchmarks and robustness validation. The environmental monitoring infrastructure discussed in this article delves into the intricacies of the Raspberry Pi cluster’s hardware setup, including considerations for scalability and redundancy. This research addresses critical security gaps in contemporary environmental monitoring systems, particularly vulnerabilities linked to IoT deployments. Amidst increasing threats, this study introduces a robust framework that integrates advanced security tools—HashiCorp (San Francisco, CA, USA) Vault v1.16 for dynamic secret management and OpenID Connect for authentication processes—to enhance applications and system integrity and resilience within the Kubernetes environment. The approach involves a multi-layered security architecture that fortifies the storage and management of credentials and ensures authenticated and authorized interactions within IoT networks. Furthermore, our research incorporates a series of security benchmark tests, including vulnerability scanning, penetration testing, and access control assessments. Additionally, this article addresses crucial aspects related to data management and analysis, detailing the methodologies employed for storing, processing, and deriving insights from the collected environmental data. It further explores the integration of the monitoring system with existing infrastructure and systems, facilitating seamless data sharing and interoperability and offering valuable insights into the system’s ability to withstand potential threats and vulnerabilities. The integration of Raspberry Pi clusters with BME680 environmental sensors within a Kubernetes-managed framework significantly enhances the scalability and security of IoT systems. This study quantifies the improvements, demonstrating at least a 30% enhancement in system responsiveness and a minimum 40% reduction in vulnerability exposures, as verified by extensive security benchmarks, including penetration testing. These advancements facilitate robust, scalable IoT deployments, with potential applications extending beyond environmental monitoring to include industrial and urban settings. The incorporation of dynamic secret management with HashiCorp Vault and secure authentication with OpenID Connect provides a blueprint for developing resilient IoT architectures capable of supporting high-security and high-availability applications. In conclusion, this article contributes to the expanding body of knowledge in IoT and environmental monitoring and establishes a strong foundation for future work. These outcomes suggest promising directions for further research in secure IoT applications and present practical implications for the deployment of secure and scalable IoT solutions in critical infrastructures.

WebSec : Exploring and Modulating Vulnerabilities

This research investigates the performance of the OWASP Zed Attack Proxy (OWASP ZAP) and Paros open-source vulnerability scanners on the Damn Vulnerable Web Application (DVWA). By evaluating their capability to identify vulnerabilities, along with assessing their user-friendliness and features, the study highlights each scanner's strengths and weaknesses. The insights aim to assist developers and security professionals in selecting the most effective tools for improving the security posture of web applications. Keywords—Web Application Security, Vulnerability Scanners, OWASP ZAP, Paros, Damn Vulnerable Web Application (DVWA), Open Source Tools, Cybersecurity, Penetration Testing.

BindHost: Comprehensive Vulnerability Scanner Tool

The increasing dependence on web applications amplifies the importance of protecting them against cyber threats. Vulnerability scanners are of utmost importance in this process, as they periodically detect vulnerabilities within network infras- tructures. This tool automates vulnerability detection, eliminating the need for manual intervention. This paper introduces a vulnerability scanner tool that determines probable threats to a web application by utilizing technologies such as header analysis, port scanning, and comparison against a database of known vulnerabilities(CVEs),thereby providing a robust solution Index Terms—Vulnerability Scanning, Header Analysis, Port Scanning, CVEs, Web Crawling,Socket Programming, Automation

تعزيز الامن السيبراني من خلال اختبار الاختراق الفعال وفحص الثغرات

The number of computer network attacks today is increasing with the sophisticated attack tools and complicated methods hence, building secure systems is required. The demand for regular penetration testing and vulnerability scanning has become an urgent issue. This paper focuses on increase the security of the system resources being tested; Determine the weakness in the popular operating systems; Focus on methodologies and approaches to analyze the system for security that leads to protect the system against external threats. An experimental setup of a virtual penetration testing environment lab is created on a system using virtualization software. By using of the most powerful tools and techniques used today, a successful penetration testing and vulnerability scanning through three phases of processes are implemented. Eventually, the results of this process will help identify potential vulnerabilities in the operating systems and ways to patch them up. Keywords: Cybersecurity, penetration testing, vulnerability scanning tools.

A Vulnerability Scanning Method for Web Services in Embedded Firmware

As the Internet of Things (IoT) era arrives, the proliferation of IoT devices exposed to the Internet presents a significant challenge to device security. Firmware is software that operates within Internet of Things (IoT) devices, directly governing their behaviors and functionalities. Consequently, the security of firmware is critical to shielding IoT devices from potential threats. In order to enable users to operate a device intuitively, firmware commonly provides a web interface. Consequently, this interface frequently serves as the primary attack goal in Internet of Things (IoT) devices, rendering them susceptible to numerous cyber-attacks. Unfortunately, web services have complex data interactions and implicit dependencies, and it is not easy to balance efficiency and accuracy during the analysis process, leading to heavy overhead. This paper proposes a lightweight vulnerability scanning approach, WFinder, designed explicitly for embedded firmware web services to perform vulnerability checks on backend binary files in firmware. WFinder uses static analysis to focus on identifying vulnerabilities in boundary binary files related to web services in firmware. Initially, the approach identifies boundary binary files and external data entry points based on front-end and back-end associativity features. Subsequently, rules are formulated to filter hazardous functions to narrow the analysis targets. Finally, the method generates sensitive call paths from the external data input points to the hazardous functions and conducts a lightweight taint analysis along these paths to uncover potential vulnerabilities. We implemented a prototype of WFinder and evaluated it on the firmware of ten devices from five well-known manufacturers. We discovered thirteen potential vulnerabilities, eight of which were confirmed by the CNVD, and assigned them CNVD identification numbers. Compared with the most advanced tool, SATC, WFinder was more efficient at discovering more bugs on the test set. These results indicate that WFinder is effective at detecting bugs in embedded web services.

Automation of System Security Vulnerabilities Detection Using Open-Source Software

Cybersecurity failures have become increasingly detrimental to organizations worldwide, impacting their finances, operations, and reputation. This issue is worsened by the scarcity of cybersecurity professionals. Moreover, the specialization required for cybersecurity expertise is both costly and time-consuming. In light of these challenges, this study has concentrated on automating cybersecurity processes, particularly those pertaining to continuous vulnerability detection. A cybersecurity vulnerability scanner was developed, which is freely available to the community and does not necessitate any prior expertise from the operator. The effectiveness of this tool was evaluated by IT companies and systems engineers, some of whom had no background in cybersecurity. The findings indicate that the scanner proved to be efficient, precise, and easy to use. It assisted the operators in safeguarding their systems in an automated fashion, as part of their security audit strategy.