Web Application Penetration Testing & Patch Development Using Kali Linux

Nowadays, safety is a first-rate subject for all applications. There has been an exponential growth year by year in the number of businesses going digital since the few decades following the birth of the Internet. In these technologically advanced times, cyber security is a must mainly for internet...

Full description

Saved in:
Bibliographic Details
Published in:International Conference on Advanced Computing and Communication Systems (Online) Vol. 1; pp. 1392 - 1397
Main Authors: Karayat, Ritik, Jadhav, Manish, Kondaka, Lakshmi Sudha, Nambiar, Ashwath
Format: Conference Proceeding
Language:English
Published: IEEE 25.03.2022
Subjects:
Computer crime
Flask
Internet
Kali Linux
Law
Linux
Manuals
OS Command Injection
Python
Safety
Servers
Skipfish
Spider
SQLI
XSS
ISSN:2575-7288
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Nowadays, safety is a first-rate subject for all applications. There has been an exponential growth year by year in the number of businesses going digital since the few decades following the birth of the Internet. In these technologically advanced times, cyber security is a must mainly for internet applications, so we have the notion of diving deeper into the Cyber security domain and are determined to make a complete project. We aim to develop a website portal for ease of communication between us and the end user. Utilizing the power of python scripting and flask server to make independent automated tools for detection of SQLI, XSS & a Spider(Content Discovery Tool). We have also integrated skipfish as a website vulnerability scanner to our project using python and Kali Linux. Since conducting a penetration test on another website without permission is not legal, we thought of building a dummy website prone to OS Command Injection in addition to the above-mentioned attacks. A well-documented report will be generated after the penetration test/ vulnerability scan. In case the website is vulnerable, patching of the website will be done with the user's consent.
ISSN:2575-7288
DOI:10.1109/ICACCS54159.2022.9785232