Design & Test of an Advanced Web Security Analysis Tool (AWSAT)

Design & Test of an Advanced Web Security Analysis Tool (AWSAT)

下载PDF

导出

摘要 Considering the escalating frequency and sophistication of cyber threats targeting web applications, this paper proposes the development of an automated web security analysis tool to address the accessibility gap for non-security professionals. This paper presents the design and implementation of an automated web security analysis tool, AWSAT, aimed at enabling individuals with limited security expertise to effectively assess and mitigate vulnerabilities in web applications. Leveraging advanced scanning techniques, the tool identifies common threats such as Cross-Site Scripting (XSS), SQL Injection, and Cross-Site Request Forgery (CSRF), providing detailed reports with actionable insights. By integrating sample payloads and reference study links, the tool facilitates informed decision-making in enhancing the security posture of web applications. Through its user-friendly interface and robust functionality, the tool aims to democratize web security practices, empowering a wider audience to proactively safeguard against cyber threats. Considering the escalating frequency and sophistication of cyber threats targeting web applications, this paper proposes the development of an automated web security analysis tool to address the accessibility gap for non-security professionals. This paper presents the design and implementation of an automated web security analysis tool, AWSAT, aimed at enabling individuals with limited security expertise to effectively assess and mitigate vulnerabilities in web applications. Leveraging advanced scanning techniques, the tool identifies common threats such as Cross-Site Scripting (XSS), SQL Injection, and Cross-Site Request Forgery (CSRF), providing detailed reports with actionable insights. By integrating sample payloads and reference study links, the tool facilitates informed decision-making in enhancing the security posture of web applications. Through its user-friendly interface and robust functionality, the tool aims to democratize web security practices, empowering a wider audience to proactively safeguard against cyber threats.

作者 Meenakshi S. P. Manikandaswamy Vijay Madisetti Meenakshi S. P. Manikandaswamy;Vijay Madisetti(School of Cybersecurity and Privacy, Georgia Institute of Technology, Atlanta, USA)

机构地区 School of Cybersecurity and Privacy

出处《Journal of Software Engineering and Applications》 2024年第5期448-461,共14页 软件工程与应用（英文）

关键词 Web Security Automated Analysis Vulnerability Assessment Web Scanning Cross-Site Scripting SQL Injection Cross-Site Request Forgery Web Security Automated Analysis Vulnerability Assessment Web Scanning Cross-Site Scripting SQL Injection Cross-Site Request Forgery

分类号 TP3 [自动化与计算机技术—计算机科学与技术]

引文网络
相关文献

1Xianglong Lian,Tong Qian,Zepeng Li,Xingyu Chen,Wenhu Tang,Q.H.Wu.Network Embedding Algorithm for Vulnerability Assessment of Power Transmission Lines Using Integrated Structure and Attribute Information[J].CSEE Journal of Power and Energy Systems,2024,10(1):351-360.
2Ran An,Shu Wang,Zongjun Gao,Zhenyan Wang,Wei Li,Qijun Deng,Lü Lin,Yuanqing Liu.Groundwater Quality and Vulnerability Assessment in a Semiarid Karst Region of Northern China[J].Journal of Earth Science,2024,35(1):313-316.
3Bauyrzhan Omarov,Zhuldyz Sailaukyzy,Alfiya Bigaliyeva,Adilzhan Kereyev,Lyazat Naizabayeva,Aigul Dautbayeva.One Dimensional Conv-BiLSTM Network with Attention Mechanism for IoT Intrusion Detection[J].Computers, Materials & Continua,2023,77(12):3765-3781.
4Xuhong Zhou,Shuai Li,Jiepeng Liu,Zhou Wu,Yohchia Frank Chen.Construction Activity Analysis of Workers Based on Human Posture Estimation Information[J].Engineering,2024,33(2):225-236.
5Maryam Roshanaei.Enhancing Mobile Security through Comprehensive Penetration Testing[J].Journal of Information Security,2024,15(2):63-86.
6List of Contributors[J].Astronomical Techniques and Instruments,2024,1(3).
7Le Liu,Chengyang Xu,Changbin Zheng,Sheng Cai,Chunrui Wang,Jin Guo.Vulnerability assessment of UAV engine to laser based on improved shotline method[J].Defence Technology（防务技术）,2024,33(3):588-600.
8Alicia Biju,Vishnupriya Ramesh,Vijay K. Madisetti.Security Vulnerability Analyses of Large Language Models (LLMs) through Extension of the Common Vulnerability Scoring System (CVSS) Framework[J].Journal of Software Engineering and Applications,2024,17(5):340-358.
9Yongqiang Qiao,Sen Zhang,Peixian Zhang,Juan Guo,Andrea Sanson,Xi Zhen,Kaiyue Zhao,Qilong Gao,Jun Chen.Simple chemical synthesis and isotropic negative thermal expansion in MHfF_(6)(M=Ca,Mn,Fe,and Co)[J].Nano Research,2024,17(3):2195-2203. 被引量：1
10João Pedro Lima,Wimonchat Tangamornsuksan,Gordon H Guyatt.Trustworthy evidence- based versus untrustworthy guidelines: detecting the difference[J].Family Medicine and Community Health,2023,11(4):85-90.

Journal of Software Engineering and Applications

2024年第5期

浏览历史

内容加载中请稍等...

Design & Test of an Advanced Web Security Analysis Tool (AWSAT)

相关作者

相关机构

相关主题

浏览历史