This document describes a web vulnerability scanner and reporting tool developed by researchers. The tool scans websites for various vulnerabilities like SQL injection, cross-site scripting, and file inclusion vulnerabilities. It performs scans both without login and with login credentials provided by the website owner. The without login scan checks if the site is reachable and identifies vulnerabilities, while the with login scan allows for deeper scanning. The tool uses machine learning, DOM, and aggregation algorithms. It produces a report with the number and types of vulnerabilities found, and URLs of affected pages. The researchers validated the tool and believe it can help developers identify and address security issues on their websites.
Website Vulnerability Scanner Tool
ISSN: 0374-8588
Volume 21 Issue 17, December 2019
Developing a website analysis tool for vulnerability scanning and reporting
Bharati Kungwani, Aishvarya Kadu¹, Bhagyashri Chalakh², Kanchan Gorle³, Shivani Malpe⁴
Department of Computer Science and Engineering
Jhulelal Institute of Technology
Session 2019-2020
Abstract
Vulnerability scanning is a security technique used to identify security weaknesses in websites. The
number of security vulnerabilities being found today is much higher in websites than in
operating systems. Many transactions are performed online with various kinds of web applications.
In almost all of them, the user is authenticated before being given access to the backend database that
stores all the information. A well-designed injection can give access to unauthorized users, and this is
mostly achieved through SQL injection, cross-site scripting (XSS) and file inclusion. In this thesis we
provide a tool for scanning and analyzing various kinds of SQL injection, cross-site
scripting (XSS) and file inclusion vulnerabilities. Our approach can be used with any web application,
not only the known ones. We validate the proposed vulnerability scanner. A vulnerability scanner is used
to spot potential problems; the more information the scanner has, the more accurate its performance.
Once the tool has a report of the vulnerabilities, developers can use penetration testing as a means to see
where the weaknesses are, so that the problem can be fixed and future mistakes can be avoided. When
employing frequent and consistent scanning, one will start to see common threads between the
vulnerabilities for a better understanding of the website. Our tool is based on a machine learning
algorithm, a document object model (DOM) algorithm and an aggregation algorithm. The tool scans the
website using two methods: one is “without login” scanning and the other is “with login” scanning. The
first method is used to check whether the website is malicious and whether it is reachable. If the website
is malicious, the second method needs to be used. The second method can be used by the web owner and
web developer, because they have the website's user ID and password. After login, the main scanning
process starts and the pages are scanned one by one. Finally, the VAPT report is shown. The VAPT report
contains the number of vulnerabilities, the number of vulnerability occurrences and the URL link of the
page where each vulnerability occurred. The tool provides a direct link to the page where a vulnerability
occurred. The tool is also very useful because it allows unknown vulnerabilities on the website to be
identified.
Keywords: Vulnerability scanner, detection, website security, SQL injection, Web attack, Vulnerabilities,
XSS attack.
I. INTRODUCTION
A website vulnerability scanner and reporter is a tool used to spot potential problems; the more
information the scanner has, the more accurate its performance. Once the tool has a report of the
vulnerabilities, developers can use penetration testing as a means to see where the weaknesses are, so
that the problem can be fixed and future mistakes can be avoided. When employing frequent and consistent
scanning, one will start to see common threads between the vulnerabilities for a better understanding of
the website.
Many types of vulnerabilities are used to attack websites. This tool is used to find such vulnerabilities.
First, the scanner scans the website without login and scans all web pages. After scanning completes, the
tool gives a report that includes the number of files, the names of the vulnerabilities and the number of
vulnerability occurrences. This without-login vulnerability scan can be used by any type of user.
After a successful “without login” scan, the user needs to scan the website “with login”. To log in, the
user must have the URL link, user ID and password of the website. Only website owners and developers have
the user ID and password. After login, the vulnerability scanner scans the website. First, the number of
files and the GET/POST discovery for the website are shown on screen. Then all files of the website are
scanned one by one. After scanning, the tool creates a report. The final report contains the type of
vulnerability, the number of occurrences of the vulnerability and the URL link of the web page where the
vulnerability occurred.
This tool is capable of finding the following types of vulnerabilities:
1. Structured Query Language (SQL) Injection: SQL injection is a code injection technique, used to
attack data-driven applications, in which malicious SQL statements are inserted into an entry field for
execution.
2. Cross Site Scripting (XSS) vulnerability: XSS is a type of computer security vulnerability typically
found in web applications. XSS attacks enable attackers to inject client-side scripts into web pages
viewed by other users.
3. Remote File Inclusion (RFI) vulnerability: This is a type of file inclusion vulnerability. RFI is
most often found on websites running PHP. It allows an attacker to include a remotely hosted
file, usually through a script on the web server.
4. Local File Inclusion (LFI) vulnerability: This is a type of file inclusion vulnerability. LFI is very
much like RFI; the only difference is that in LFI the attacker has to upload the malicious script to the
target server to execute it locally.
5. Remote Code vulnerability: In a remote code execution vulnerability, an attacker is able to run code
of their choosing with system-level privileges on a server that possesses the appropriate weaknesses.
These attacks are typically written into an automated script.
6. WebDAV vulnerability: WebDAV allows authorized users to remotely add and change content
on your web server. WebDAV offers users the ability and convenience to access web content from
anywhere, but this same remote function can be a huge security hole if not correctly configured.
The web vulnerability scanner and reporter works for both users and web developers. A user can check any
website without login. All pages of the website are scanned one by one; if any type of vulnerability is
found, the user can judge how harmful the website is and decide whether to visit it. A developer should
check for vulnerabilities with a login ID and password, which is more beneficial for deep scanning of the
website. Some benefits of the “without login” and “with login” scanning processes are as follows:
1) Without Login Scanning: Without-login scanning and reporting is beneficial for users. Users can scan
any type of website just by entering its URL link. After the URL link is entered, the main work of the
vulnerability tool starts. In the scanning process, all pages are first scrolled through and scanned one
by one. Meanwhile, in the background, the scanner counts the number of pages and builds the report. If any
vulnerability occurs, the scanner adds it to the report. The final report shows the number of files, the
number of vulnerabilities and the number of vulnerability occurrences.
2) With Login Scanning: With-login scanning and reporting is beneficial for developers. A developer can
scan any website with their login ID and password. For “with login” scanning, the URL link, user ID and
password must be entered into the tool. After that, the main scanning process starts. The screen shows the
number of files, the GET/POST discovery and the vulnerability tests. When scanning completes, the tool
gives the final report. The final report contains the number of vulnerability occurrences, the number of
vulnerabilities and the URL link of each page where a vulnerability occurred. This makes it easy for the
developer to find the vulnerable page. It is a high performance tool which gives accurate vulnerability
detection for the developer.
II. REVIEW BACKGROUND AND LITERATURE
This section covers web application attacks, countermeasures to attacks, black-box web vulnerability
awareness, and a study of the vulnerability scanning tools Nessus, Acunetix Web Vulnerability
Scanner, OWASP Zed Attack Proxy (ZAP) and an HTTP vulnerability scanner. We discuss some papers below.
[1] Nessus
The latest version of Nessus is 5.2.5. Nessus[2] is one of the popular vulnerability scanners. It scans
for misconfiguration of the software installed on the machine. It also detects the open ports of the
machine and the versions of the software installed on it. In addition, it scans for vulnerabilities that
allow a remote hacker to control or access sensitive data on a system, for denial of service against the
TCP/IP stack, and performs PCI DSS audits. This also includes web application scanning to detect SQL
injection and cross-site scripting. Nessus comes in two releases: the Home Feed release and the
Professional release. For vulnerability reporting purposes, Nessus scan results can be exported to
several file types, such as HTML and CSV. The organization had used Nessus since the year 2010.
[2] Acunetix Web Vulnerability Scanner
Acunetix[1] is a web application vulnerability scanner. Web Vulnerability Scanner is a web application
scanning tool that can detect vulnerabilities such as SQL injection, cross-site scripting, flaws in the
underlying operating system and misconfiguration of the web server. Acunetix is also able to act as an
advanced penetration testing tool and to test password-protected areas. It can also detect
port scanning. Acunetix runs on the Windows operating system; the minimum version is XP. For reporting
purposes, Acunetix results can be exported to a PDF file. Acunetix comes in two different
versions: Professional and trial.
[3] OWASP Zed Attack Proxy (ZAP)
Zed Attack Proxy (ZAP)[3] is a freeware vulnerability scanning tool. It is developed by the Open Web
Application Security Project, or OWASP. The OWASP ZAP Project, also known as Zed Attack Proxy, is an
integrated penetration testing tool for finding vulnerabilities in web applications. ZAP is an open source
tool that runs on either the Linux or the Windows platform. It also supports multiple languages, for
example French, Spanish and Arabic. Examples of what OWASP ZAP is able to detect are the
HTTP Parameter Pollution (HPP) extension and SQL injection.
[4] Web Vulnerability Scanner by Using HTTP Method
The web vulnerability scanner using the HTTP method basically works on URL crawling, search engines,
remote sites, third-party databases and domain reputation. This vulnerability scanner scans URLs
and CMSs. It scans from the client-side machine for shells in commonly injected locations and under their
usual file names. It also checks the mail server IP. It scans for SQL injection against MySQL, MSSQL,
PGSQL and Oracle databases; this is a trick that exploits poorly filtered or incorrectly escaped SQL
queries. It also scans for XSS, malware and directory indexing. But the vulnerabilities of this scanner
seek to identify their efficiency in detecting different vulnerabilities.
[5] SecuBat: a web vulnerability scanner
SecuBat[4] is a web application used to find web vulnerabilities. Examples of such vulnerabilities are SQL
injection and cross-site scripting (XSS). Using SecuBat, a large number of potentially vulnerable
websites were identified. SecuBat also discovers web vulnerabilities that could be used to launch phishing
attacks that are difficult to identify even for technically more sophisticated users. SecuBat has a
crawling component to determine the entry points for attacks, and four types of attacks are used:
1) Form redirecting XSS attack
2) SQL injection
3) Simple reflected XSS attack
4) Encoded Reflected XSS attack
III. METHODOLOGY
In this section, we present the proposed method of the vulnerability scanner and reporter. The proposed
method of the web vulnerability scanner and reporter is based on machine learning, an aggregation
algorithm and a document object model (DOM) algorithm.
1. Machine learning: Machine learning techniques are widely used in data analysis to build prediction
models. This is the best method to find vulnerabilities in any website, because machine learning gives
a predicted class for test instances. This method is the foundation of the web vulnerability scanner and
reporter.
2. Document Object Model (DOM): The document object model (DOM) is an application programming
interface (API) for HTML and XML documents. It defines the logical structure of documents and the way
a document is accessed. The DOM is necessary in the vulnerability scanner and reporter to read and access
the website.
3. Aggregation: Aggregation is used to count the number of attacks performed on the website. After
counting, aggregation creates an aggregation score card, which is our final report.
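The paper says the DOM step reads each page and that the scan screen shows the number of files and the GET/POST discovery. The sketch below is an added example, not the authors' .NET code: it uses Python's standard HTML parser as a stand-in for the DOM traversal, and the class, function names and sample pages are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin


class FormCollector(HTMLParser):
    """Records each <form> on a page: method (default GET), action (default the page), named fields."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.forms = []
        self._open = None  # form currently being read, if any

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._open = {
                "page": self.page_url,
                "method": (a.get("method") or "get").upper(),
                "action": urljoin(self.page_url, a.get("action") or ""),
                "fields": [],
            }
            self.forms.append(self._open)
        elif tag in ("input", "textarea", "select") and self._open is not None:
            if a.get("name"):  # unnamed controls are never submitted
                self._open["fields"].append((a["name"], a.get("type") or tag))

    def handle_endtag(self, tag):
        if tag == "form":
            self._open = None


def discover(pages):
    """pages: {url: html}. Returns (file_count, forms, per-method totals)."""
    forms = []
    for url, html in pages.items():
        collector = FormCollector(url)
        collector.feed(html)
        forms.extend(collector.forms)
    totals = {"GET": 0, "POST": 0}
    for form in forms:
        totals[form["method"]] = totals.get(form["method"], 0) + 1
    return len(pages), forms, totals


# Constructed sample pages (not taken from the paper).
SAMPLE_PAGES = {
    "http://shop.example/": '<form action="/search"><input name="q"><input type="submit"></form>',
    "http://shop.example/login": '<form method="post"><input name="user">'
                                 '<input type="password" name="pass"></form>',
    "http://shop.example/about": "<p>No forms here.</p>",
}

if __name__ == "__main__":
    print(discover(SAMPLE_PAGES))
```

The resulting inventory of input points is what a later test stage would iterate over, and it also gives a developer a quick view of which pages accept user input at all.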
Modules of the web vulnerability scanner and reporter
The web vulnerability scanner and reporter works with four basic modules:
1. Without login scan and with login scan on website
Without-login scanning and reporting is beneficial for users. Users can scan any type of website just by
entering its URL link. With-login scanning and reporting is beneficial for developers. A developer can
scan any website with their login ID and password. For “with login” scanning, the URL link, user ID and
password must be entered into the tool.
2. Identify vulnerabilities
The DOM reads all website content to scan the website. In the scanning process, vulnerabilities are
identified using machine learning.
3. Final report
After the vulnerabilities are identified, aggregation counts the number of vulnerabilities and generates
the final report.
4. Analyze result of final report
The final report contains the number of vulnerabilities, the types of vulnerabilities and the URL link of
each page where a vulnerability was found. The result is analyzed by clicking the URL link of a page where
a vulnerability was found.
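The aggregation step and final report described in modules 3 and 4 can be sketched as follows. This is an added example, not the authors' implementation; the finding fields (type, url, param, pass), the deduplication rule and the sample findings are assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit, urlunsplit


def normalize(url):
    """Lower-case the host and drop the fragment so one page has one spelling."""
    p = urlsplit(url)
    return urlunsplit((p.scheme, p.netloc.lower(), p.path or "/", p.query, ""))


def score_card(findings):
    """Count each (type, page, parameter) finding once and group pages by type."""
    seen = set()
    by_type = defaultdict(lambda: {"occurrences": 0, "urls": []})
    for f in findings:
        url = normalize(f["url"])
        key = (f["type"], url, f.get("param"))
        if key in seen:  # same issue reported by both scan passes
            continue
        seen.add(key)
        entry = by_type[f["type"]]
        entry["occurrences"] += 1
        if url not in entry["urls"]:
            entry["urls"].append(url)
    return {
        "vulnerability_types": len(by_type),
        "total_occurrences": sum(e["occurrences"] for e in by_type.values()),
        "by_type": dict(sorted(by_type.items())),
    }


def render(card):
    """Plain-text report: one header line per type, then the affected URLs."""
    lines = [f"{card['vulnerability_types']} vulnerability types, "
             f"{card['total_occurrences']} occurrences"]
    for name, entry in card["by_type"].items():
        lines.append(f"{name}: {entry['occurrences']} occurrence(s)")
        lines.extend(f"  {u}" for u in entry["urls"])
    return "\n".join(lines)


# Constructed findings (not results from the paper); "pass" is the hypothetical scan pass.
SAMPLE_FINDINGS = [
    {"type": "XSS", "url": "http://shop.example/search?q=1", "param": "q", "pass": "without login"},
    {"type": "XSS", "url": "http://SHOP.example/search?q=1#top", "param": "q", "pass": "with login"},
    {"type": "XSS", "url": "http://shop.example/profile", "param": "name", "pass": "with login"},
    {"type": "SQL Injection", "url": "http://shop.example/login", "param": "user", "pass": "with login"},
    {"type": "SQL Injection", "url": "http://shop.example/login", "param": "pass", "pass": "with login"},
]

if __name__ == "__main__":
    print(render(score_card(SAMPLE_FINDINGS)))
```

Deduplicating before counting matters when both scan passes report the same issue; without it the occurrence totals in the report would be inflated.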
The block diagram of the working modules of the web vulnerability scanner and reporter is as follows:
Fig I: Block diagram of working modules of web vulnerability scanner and reporter
The tools and technology required for the web vulnerability scanner and reporter are as follows:
Technology: .NET, third-party library like Apache for scanning
Tools: Visual Studio 2015, .NET Framework 4.5
Hardware: Standard PC, high-speed net connection
IV. DATA AND RESULT
DATA
Over the past few years, almost every website has contained vulnerabilities that allow attacks against
users. Cross-site scripting (XSS) has more fault cases; for this reason this project focuses more on XSS.
Statistical data on the vulnerabilities found in the last five years are shown in the table below.
Year   High risk websites   Medium risk websites   Low risk websites
2019   50%                  39%                    11%
2018   67%                  28%                    5%
2017   52%                  48%                    -
2016   58%                  41%                    1%
2015   70%                  30%                    -
Table I: Websites by maximum vulnerabilities found
According to the Positive Technologies site, the percentage of websites containing high risk
vulnerabilities in 2019 decreased significantly, by 17 percentage points compared to the prior year.
Before website vulnerabilities can be reduced, it is important to identify them and find out where they
are. That is why it is necessary to build a web vulnerability scanner and reporter.
RESULT
The web vulnerability scanner and reporter scans any type of website for users and web developers. A user
can scan a website without login. After the scanning process, the result is displayed on the screen. The
result shows the number of files present in the website, the names of the vulnerabilities and the number
of vulnerabilities. A developer can scan a website with login. Authentication is required to log in. After
the scanning process completes, the VAPT result is displayed on the screen. The final result contains the
names of the vulnerabilities, the number of vulnerability occurrences and the URL link of each page where
a vulnerability occurred. When the developer clicks on the URL link, the developer reaches the page where
the vulnerability occurred in order to solve the problem.
V. CONCLUSION
The web vulnerability scanner and reporter helps users and website developers to identify a website's
vulnerabilities. It is an automated vulnerability scanner which not only identifies vulnerabilities but
also gives the page location of these vulnerabilities. Aggregation focuses on a correct count of the
vulnerabilities that occur in the website. The machine learning method gives more accurate results. Use of
this web vulnerability scanner and reporter is very useful for many web developers. This tool makes
detection of vulnerabilities very easy for the security of websites.
REFERENCES
1. Acunetix - Website security - keep in check with Acunetix. (n.d.). Retrieved from
https://www.acunetix.com
2. Comparative Study of Vulnerability Scanning, by R Kushe, 2017. Publication: stumejournals.com
3. OWASP Foundation, 2007, http://www.owasp.org/index.php/Top_10_2007
4. SecuBat: a web vulnerability scanner. Authors: Stefan Kals, Engin Kirda, Nenad Jovanovic.
Publication: WWW '06: Proceedings of the 15th International Conference on World Wide Web, May 2006
5. www.tenablesecurity.com for Nessus
6. www.portswigger.net for BurpSuite
7. http://www.networkworld.com/reviews/2006/073106-sourcefire-tenable-passive-test-side.html
8. nmap.org/docs/discovery.pdf
9. Abdulqader, F. B., Thiyab, R. M., & Ali, A. M. (2017). The impact of SQL injection attacks on
the security of databases. In Proceedings of the 6th International Conference on Computing and
Informatics (pp. 323-331).
10. http://searchsecurity.techtarget.com/video/How-to-use-Nikto-to-scan-for-Web-server-vulnerabilities
11. InfoSec Institute. (2014, September 24). 14 best open source Web Application Vulnerability
Scanners. Retrieved from http://resources.infosecinstitute.com/14-popular-webapplication-vulnerability-scanners/#gref
12. Jasmine, M. S., Devi, K., & George, G. (2017). Detecting XSS based
Web Application Vulnerabilities. International Journal of Computer Technology & Applications,
8(2), 291-297.
13. OWASP WebScarab Project, http://www.owasp.org/index.php/OWASP_WebScarab_Project
14. Vulnerability Scanners: A Proactive Approach to Assess Web Application Security. Sheetal Bairwa,
Bhawna Mewara and Jyoti Gajrani, Department of Information Technology, Government Engineering College,
Ajmer. International Journal on Computational Sciences & Applications (IJCSA) Vol.4, No.1, February 2014