WEB APPLICATION VULNERABILITY ASSESSMENT

Abstract

Cyber security has become an very important aspect in every industry like in power, banking and automation sectors. Servers are critical assets in these industries where critical sensitive data is stored. These servers often incorporates web servers in them though which any business data and operations are performed remotely. Hence, it is obvious that for a reliable operation, security of web servers are very crucial. This paper provides an effective approach for vulnerability assessment of web applications by means of analyzing and using a combined set of tools to address a wide varieties of security issues. It shows how with a combination of tools, one can increase the vulnerability testing of a web application regardless of new types of attacking vector. I have tried to demonstrate the vulnerability assessment tests of web applications by using combination of Nikto, Wfuzz, and custom scripts to do multiple tasks at ease. Moreover, how a vulnerability is being exploited manually to show the process and to understand the flaws in depth. Not only how a vulnerability can be exploited but also leveraged to gain access to get stable code execution which leads to compromise a system