NORMA eResearch @NCI Library

Automated Vulnerability Assessment Tool for Web Applications

Chada, Ravali (2024) Automated Vulnerability Assessment Tool for Web Applications. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
PDF (Master of Science)
Download (487kB) | Preview
[thumbnail of Configuration Manual]
Preview
PDF (Configuration Manual)
Download (601kB) | Preview

Abstract

Web applications are used in many business processes nowadays, while at the same time, they become more susceptible to complex cyber threats. This project gives one of the approaches of developing an automated vulnerability assessment tool targeting general security flaws like SQL Injection (SQLi), Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF). The tool is implemented in Python for web scraping and HTTP interactions with added elements of machine learning for a better detection rate. The methodology has a friendly user graphical interface written in Java to enhance its usage by both technical and non-technical persons. The tool was thoroughly checked in different types of web applications, and it was able to detect weaknesses and suggest ways of protection. The tool’s performance suggests that it is effective in enhancing the security of web applications. Still, it also shows the drawbacks of false positive/negative and the necessity of further improvement. This work is useful for the field of cybersecurity since it presents an efficient, practical, and scalable tool for the automated web vulnerability assessment with the future development focusing on the broadening of the coverage of types of vulnerabilities and the improvement of the real-time processing.

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Hafeez, Khadija
UNSPECIFIED
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Q Science > Q Science (General) > Self-organizing systems. Conscious automata > Machine learning
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Ciara O'Brien
Date Deposited: 29 Jul 2025 11:12
Last Modified: 29 Jul 2025 11:12
URI: https://norma.ncirl.ie/id/eprint/8299

Actions (login required)

View Item View Item