Assessment of Web Scanner Tools

Rawaa Mohammed

Call for Paper

January Edition

IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper

Know more

The week's pick

Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen

Random Articles

A New Approach to Distributed Energy - Efficient Cluster for Heterogeneous WSNs

November

2014

Health IT: Research in General Management of Health Services through Information Technology

May

2023

Spam Filtering using K mean Clustering with Local Feature Selection Classifier

December

2014

Pilot Assisted Channel Estimation in MIMO-STBC Systems over Time-Varying Fading Channels- A Review

Oct

2016

Reseach Article

Assessment of Web Scanner Tools

by Rawaa Mohammed

International Journal of Computer Applications

Foundation of Computer Science (FCS), NY, USA

Volume 133 - Number 5

Year of Publication: 2016

Authors: Rawaa Mohammed

10.5120/ijca2016907794

Rawaa Mohammed . Assessment of Web Scanner Tools. International Journal of Computer Applications. 133, 5 ( January 2016), 1-4. DOI=10.5120/ijca2016907794

@article{ 10.5120/ijca2016907794,

author = { Rawaa Mohammed },

title = { Assessment of Web Scanner Tools },

journal = { International Journal of Computer Applications },

issue_date = { January 2016 },

volume = { 133 },

number = { 5 },

month = { January },

year = { 2016 },

issn = { 0975-8887 },

pages = { 1-4 },

numpages = {9},

url = { https://ijcaonline.org/archives/volume133/number5/23779-2016907794/ },

doi = { 10.5120/ijca2016907794 },

publisher = {Foundation of Computer Science (FCS), NY, USA},

address = {New York, USA}

}

%0 Journal Article

%1 2024-02-06T23:30:17.658439+05:30

%A Rawaa Mohammed

%T Assessment of Web Scanner Tools

%J International Journal of Computer Applications

%@ 0975-8887

%V 133

%N 5

%P 1-4

%D 2016

%I Foundation of Computer Science (FCS), NY, USA

Abstract

Nowadays the security of web applications becomes a serious problem because of the impact of its vulnerability, so a previous consideration should be taken to diminish its harmful effect. One of the most important tools used to test the security of the web is web security scanner which is a tool that can be used by the penetration tester to give clear indication of the weakness by detecting the vulnerabilities of web pages like SQL injection, XSS attack. While the importance of web scanners are so obvious, but there effectiveness and differences need to be evaluated to find the flaws, limitations and distinguish between them. In this paper an analytical comparison is present on six open source web scanners by using manual and automatic testing of the chosen test beds then analyzing these results to assess the scanners.

References

Fakhreldeen A. and Eltyeb E., “Assessment of Open Source Web Application Security Scanners”, College of Computer Science and Information Technology, KAU, Khulais, Saudi Arabia, march 2014.
Pakorn I., “A Comparative Study of Security Vulnerabilities in Responsive Web Design Framework”, Malardalen University School of Innovation Design and Engineering, June 2015.
Sneha P., “Vulnerability Checker for Infosecurity”, SRM University, 2013.
Fakhreldeen A., “Using WASSEC to Evaluate Commercial Web Application Security Scanners”, International Journal of Soft Computing and Engineering (IJSCE), 2014.
Kinnaird M., “Open Source Web Vulnerability Scanners”, Marymount University, 2014.
David A. Shelly, “Using a Web Server Test Bed to Analyze the Limitations of Web Application Vulnerability Scanners”, Faculty of the Virginia Polytechnic Institute and State University, July 2010.
Yuliana M., “Security Evaluation of Web ApplicationVulnerability Scanners’ Strengths and Limitations Using Custom Web Application”, California State University, October 2012.
XiaoweiLi and YuanXue, “BLOCK: A Black-box Approach for Detection of State Violation Attacks towards Web Applications”, Vanderbilt University, 2011.
Mikko V.,” An Evaluation of Free Fuzzing Tools”, University of Oulu Department of Information Processing, May 2015.

Index Terms

Computer Science

Information Sciences

Keywords

False Positive False Negative evaluation analysis.