Given the escalating frequency and sophistication of cyber threats targeting web applications, this paper presents the design and implementation of an automated web security analysis tool, AWSAT, intended to close the accessibility gap for non-security professionals by enabling individuals with limited security expertise to assess and mitigate vulnerabilities in web applications. Leveraging advanced scanning techniques, the tool identifies common threats such as Cross-Site Scripting (XSS), SQL Injection, and Cross-Site Request Forgery (CSRF), and produces detailed reports with actionable insights. The reports include sample payloads and links to reference material, which support informed decisions about improving the security posture of a web application. Through its user-friendly interface and robust functionality, the tool aims to democratize web security practices, empowering a wider audience to proactively safeguard against cyber threats.