NORMA eResearch @NCI Library

Evaluation of Open-Source Vulnerability Scanners for Web Applications and WordPress Websites

Hussain, Muzammil (2024) Evaluation of Open-Source Vulnerability Scanners for Web Applications and WordPress Websites. Masters thesis, Dublin, National College of Ireland.


Abstract

Web applications are more vulnerable than ever before. Everyone uses web applications in some way, and businesses are more worried that the confidential details of their valued customers, whether informational or financial, will be exposed to the wrong hands. Cyber-criminals constantly try to break the security of these applications to gain unauthorized access. It is therefore better to find the weak points and secure them before an attack with the help of automatic vulnerability scanners, because manual evaluation is difficult and time-consuming. Most vulnerability scanners are commercial and expensive to buy. The aim of this research is to evaluate the performance of open-source vulnerability scanners and to propose the best open-source vulnerability scanner for web applications, including WordPress websites, based on evaluation criteria. Five open-source vulnerability scanners, i.e. reNgine, Nessus (essentials), OWASP ZAP, Wapiti and Burp Suite (community), are tested to find vulnerabilities in the Open Web Application Security Project-Broken Web Application (OWASP-BWA) and in a WordPress website hosted on an Amazon Web Services-Elastic Compute Cloud (AWS-EC2) instance. reNgine is the proposed tool for finding vulnerabilities in web applications based on the evaluation criteria, i.e. it is freely available, is easy to integrate and use, finds vulnerabilities as per the OWASP Top 10, provides detailed compliance documentation, and offers smart alert capabilities with continuous asset monitoring and data correlation features.

Item Type: Thesis (Masters)
Supervisors: Mahajan, Kamil (Email: UNSPECIFIED)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software
T Technology > T Technology (General) > Information Technology > Computer software
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Ciara O'Brien
Date Deposited: 23 Jul 2025 13:47
Last Modified: 23 Jul 2025 13:47
URI: https://norma.ncirl.ie/id/eprint/8213
