Penetration Testing Tool for Web Applications

Abstract

Abstract

As hackers become more skilled and sophisticated and with cyber-attacks becoming the norm, it is more important than ever before to undertake regular vulnerability scans and penetration testing to identify vulnerabilities and ensure on a regular basis that the cyber controls are working. In this thesis the importance and working of penetration testing and web application based penetration testing are discussed, followed by comparison and information’s about various testing tools and techniques and their advantages and disadvantages. The next section of the thesis mainly focuses on the past, current and future state of penetration testing in the computer systems and application security, importance of General Data Protection Regulation (GDPR) and Content Management system (CMS) followed by the main goal of the thesis which explains the existing solutions in automated tools for vulnerability detection of web application their techniques, positive and negative results of the conducted tests and their merits and demerits. In the next section, based on the comparison of various existing tools selecting appropriate algorithm for discussing the importance of scanning the ports which are usually focused in very few existing web application tools, the following section practically demonstrate the scanning of ports which gives information regarding, the state of ports to understand the service information running on the server. Finally the result of the experiment will be compared with the existing web application tools.