Hussain, Muzammil (2024) Evaluation of Open-Source Vulnerability Scanners for Web Applications and WordPress Websites. Masters thesis, Dublin, National College of Ireland.
PDF (Master of Science), 4MB
PDF (Configuration Manual), 14MB
Abstract
Web applications are more vulnerable than ever before. Everyone uses web applications in some way, and businesses are more worried about the confidential details, i.e. informational or financial, of their valued customers falling into the wrong hands. Cyber-criminals always try to break the security of these applications to gain unauthorized access. It is therefore better to find the weak points and secure them before an attack with the help of automatic vulnerability scanners, because manual evaluation is difficult and time consuming. Most vulnerability scanners are commercial and expensive to buy. The motive of this research is to evaluate the performance of open-source vulnerability scanners and propose the best open-source vulnerability scanner for web applications, including WordPress websites, based on evaluation criteria. Five open-source vulnerability scanners, i.e. reNgine, Nessus (essentials), OWASP ZAP, Wapiti and Burp Suite (community), are tested to find the vulnerabilities in Open Web Application Security Project-Broken Web Application (OWASP-BWA) and a WordPress website hosted on an Amazon Web Service-Elastic Compute Cloud (AWS-EC2) instance. reNgine is the proposed tool for finding the vulnerabilities of web applications based on the evaluation criteria, i.e. freely available, easy to integrate and use, finds vulnerabilities as per the OWASP-Top 10 vulnerabilities, provides detailed compliance documentation, and offers smart alert capabilities with continuous asset monitoring and data correlation features.
Item Type: | Thesis (Masters) |
---|---|
Supervisors: | Mahajan, Kamil (email: UNSPECIFIED) |
Subjects: | Q Science > QA Mathematics > Electronic computers. Computer science; T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science; Q Science > QA Mathematics > Computer software; T Technology > T Technology (General) > Information Technology > Computer software; Q Science > QA Mathematics > Computer software > Computer Security; T Technology > T Technology (General) > Information Technology > Computer software > Computer Security |
Divisions: | School of Computing > Master of Science in Cyber Security |
Depositing User: | Ciara O'Brien |
Date Deposited: | 23 Jul 2025 13:47 |
Last Modified: | 23 Jul 2025 13:47 |
URI: | https://norma.ncirl.ie/id/eprint/8213 |