Journal articles on the topic 'Web Application Penetration Testing'

Consult the top 50 journal articles for your research on the topic 'Web Application Penetration Testing.'

1

Yadav, Saurabh, and Pawan Singh. "Web Application and Penetration Testing." Journal of Informatics Electrical and Electronics Engineering (JIEEE) 1, no. 2 (2020): 1–11. http://dx.doi.org/10.54060/jieee/001.02.003.

Abstract:
In the present scenario, the usage of the internet is enormous and is escalating day by day. Internet facilities are employed in almost every field of work and people are becoming dependent on it. With the increasing dependency on the internet, concern regarding information security has increased, because most of the work, e-commerce, chatting, payment of bills, etc. is done over the internet. That is why security is most important for any website. Basically, such security concern is high in the field of organizations, institutions, and the financial sector. This paper aims to add
2

DURIC, Z. "WAPTT - Web Application Penetration Testing Tool." Advances in Electrical and Computer Engineering 14, no. 1 (2014): 93–102. http://dx.doi.org/10.4316/aece.2014.01015.

3

Alanda, Alde, Deni Satria, M. Isthofa Ardhana, Andi Ahmad Dahlan, and Hanriyawan Adnan Mooduto. "Web Application Penetration Testing Using SQL Injection Attack." JOIV : International Journal on Informatics Visualization 5, no. 3 (2021): 320. http://dx.doi.org/10.30630/joiv.5.3.470.

Abstract:
A web application is a very important requirement in the information and digitalization era. With the increasing use of the internet and the growing number of web applications, every web application requires an adequate security level to store information safely and avoid cyber attacks. Web applications go through rapid development phases with short turnaround times, making it challenging to eliminate vulnerabilities. The vulnerability on the web application can be analyzed using the penetration testing method. This research uses penetration testing with the black-box method to test web application secu
4

Altulaihan, Esra Abdullatif, Abrar Alismail, and Mounir Frikha. "A Survey on Web Application Penetration Testing." Electronics 12, no. 5 (2023): 1229. http://dx.doi.org/10.3390/electronics12051229.

Abstract:
Websites are becoming increasingly effective communication tools. Nevertheless, web applications are vulnerable to attack and can give attackers access to sensitive information or unauthorized access to accounts. The number of vulnerabilities in web applications has increased dramatically over the past decade. Many are due to improper validation and sanitization of input. Identifying these vulnerabilities is essential for developing high-quality, secure web applications. Whenever a website is released to the public, it is required to have had penetration testing to a certain standard to ensure
5

Irwan, Syarifudin. "PENTESTING DAN ANALISIS KEAMANAN WEB PAUD DIKMAS." PENTESTING DAN ANALISIS KEAMANAN WEB PAUD DIKMAS 1 (April 4, 2018): 6. https://doi.org/10.5281/zenodo.1211847.

Abstract:
As website technology continues to develop, it gives unauthorized parties more room to commit crimes in cyberspace. Anticipatory measures are needed to secure the important assets of an institution, particularly in government institutions. Many vulnerabilities exist on the Paud Dikmas website, which belongs to the Directorate General of Paud and Dikmas of the Ministry of Education and Culture of the Republic of Indonesia. There are several vulnerabilities with differing levels of risk, among them web information application disclosure, Anonymous FTP, Bypass Login, and G
6

Mykhailo, Antonishyn, Misnik Oleksii та Tsurkan Vasyl. "Аналіз якості роботи сканерів уразливостей веб-застосунків". Моделювання та інформаційні технології. - 2018. Вип. 83 (6 серпня 2018): 77–86. https://doi.org/10.5281/zenodo.6560216.

Abstract:
The main objective of this work was to find out the effectiveness of Zaproxy, W3AF and Arachni, open source and free integrated penetration testing tools, for finding vulnerabilities in web applications. For this project, web applications with vulnerabilities were used as tools, PHP, HTML, JavaScript, C#, Python and CSS as languages, and MySQL and MSSQL databases for making a prototype web application. Zaproxy, W3AF and Arachni were used as testing tools. The reason for using Zaproxy, W3AF and Arachni is that they are open source and free applications and are very popular tools among all available w
7

SriNithi, D., G. Elavarasi, T. F. Michael Raj, and P. Sivaprakasam. "Improving Web Application Security Using Penetration Testing." Research Journal of Applied Sciences, Engineering and Technology 8, no. 5 (2014): 658–63. http://dx.doi.org/10.19026/rjaset.8.1019.

8

Al-Khannak, Rafid, and Sajjan Singh Nehal. "Penetration Testing for the Cloud-Based Web Application." WSEAS TRANSACTIONS ON COMPUTERS 22 (August 29, 2023): 104–13. http://dx.doi.org/10.37394/23205.2023.22.13.

Abstract:
This paper discusses methods, tools, approaches, and techniques used for the penetration testing on the cloud-based web application on Amazon AWS platform. The findings of a penetration test could be used to fix weaknesses and vulnerabilities, and significantly improve security. The testing is implemented by undertaking a malicious attack aiming to breach system networks and thereby confirm the presence of cloud infrastructure. The research focuses on cloud-based web applications' high-risk vulnerabilities such as unrestricted file upload, command injection, and cross-site scripting. The outco
9

Chowdhary, Ankur, Kritshekhar Jha, and Ming Zhao. "Generative Adversarial Network (GAN)-Based Autonomous Penetration Testing for Web Applications." Sensors 23, no. 18 (2023): 8014. http://dx.doi.org/10.3390/s23188014.

Abstract:
The web application market has shown rapid growth in recent years. The expansion of Wireless Sensor Networks (WSNs) and the Internet of Things (IoT) has created new web-based communication and sensing frameworks. Current security research utilizes source code analysis and manual exploitation of web applications, to identify security vulnerabilities, such as Cross-Site Scripting (XSS) and SQL Injection, in these emerging fields. The attack samples generated as part of web application penetration testing on sensor networks can be easily blocked, using Web Application Firewalls (WAFs). In this re
10

Wijaya, I. Gusti Agung Surya Pramana, Gusti Made Arya Sasmita, and I. Putu Agus Eka Pratama. "Web Application Penetration Testing on Udayana University's OASE E-learning Platform Using Information System Security Assessment Framework (ISSAF) and Open Source Security Testing Methodology Manual (OSSTMM)." International Journal of Information Technology and Computer Science 16, no. 2 (2024): 45–56. http://dx.doi.org/10.5815/ijitcs.2024.02.04.

Abstract:
Education is a field that utilizes information technology to support academic and operational activities. One of the technologies widely used in the education sector is web-based applications. Web-based technologies are vulnerable to exploitation by attackers, which highlights the importance of ensuring strong security measures in web-based systems. As an educational organization, Udayana University utilizes a web-based application called OASE. OASE, being a web-based system, requires thorough security verification. Penetration testing is conducted to assess the security of OASE. This testing
11

Sharan, Leelark. "Study on Penetration Testing of Modern Web Application Vulnerabilities." International Journal of Computer Applications 181, no. 22 (2018): 44–50. http://dx.doi.org/10.5120/ijca2018917958.

12

Jha, Tapan Kumar. "Modern Web Application Penetration Testing Tools: A Comparative Analysis." International Journal of Recent Research and Review XVII, no. 4 (2024): 171–85. https://doi.org/10.62233/ijrrr26.

Abstract:
Web applications increasingly serve as critical infrastructure, yet remain disproportionately vulnerable to cyber-attacks. This paper presents a comparative analysis of modern penetration testing (VAPT) tools—both open-source and commercial—with a focus on detection efficacy, coverage of the OWASP Top 10, false-positive rates, performance, usability, and cost. A selection of tools (Skipfish, OWASP ZAP, Burp Suite Pro, W3af, Qualys WAS, and Fortify WebInspect) are reviewed through data drawn from recent peer-reviewed studies, benchmarks on standardized testbeds like bWAPP, and industry reports.
13

Berloh, Yevhenii, Andrii Rohovenko, and Hanna Dyvnych. "RESEARCH OF METHODS OF AUTOMATED SEARCH OF “SQL INJECTION” TYPE VULNERABILITIES IN WEB APPLICATIONS." Technical Sciences and Technologies, no. 4(30) (2022): 113–20. http://dx.doi.org/10.25140/2411-5363-2022-4(30)-113-120.

Abstract:
The article presents the results of a scientific and methodological study of the methods of automated search for SQL vulnerabilities in web applications. An example of an attack using a typical SQL injection is provided. The classification of web application security assessment methods based on penetration testing is given. The results of practical studies of the operation of the most widely used web scanners for automated vulnerability testing of web applications are given. Based on the results, a comparison of the effectiveness of penetration testing methods has been made. The possible direct
14

Shahid, Jahanzeb, Muhammad Khurram Hameed, Ibrahim Tariq Javed, Kashif Naseer Qureshi, Moazam Ali, and Noel Crespi. "A Comparative Study of Web Application Security Parameters: Current Trends and Future Directions." Applied Sciences 12, no. 8 (2022): 4077. http://dx.doi.org/10.3390/app12084077.

Abstract:
The growing use of the internet has resulted in an exponential rise in the use of web applications. Businesses, industries, financial and educational institutions, and the general populace depend on web applications. This mammoth rise in their usage has also resulted in many security issues that make these web applications vulnerable, thereby affecting the confidentiality, integrity, and availability of associated information systems. It has, therefore, become necessary to find vulnerabilities in these information system resources to guarantee information security. A publicly available web app
15

Sudha, T. Gnana, N. Snehalatha, and A. Komala. "Penetration Testing and Simulation for Vulnerability Assessment in Application Security." International Research Journal of Innovations in Engineering and Technology 09, Special Issue ICCIS (2025): 75–79. https://doi.org/10.47001/irjiet/2025.iccis-202511.

Abstract:
This project is a security framework that includes a backend server, a web application firewall (WAF), and a penetration testing tool to protect web applications and identify vulnerabilities. The backend server handles data requests and responses securely using Flask. The WAF acts as a protective layer, checking requests for threats like XSS and SQL Injection, blocking malicious traffic, and forwarding safe requests to the backend. The penetration testing tool scans ports, detects services, grabs banners, and checks for known vulnerabilities like BlueKeep and SMBv3 RCE. It also gene
16

Sulisnawati, Nani, and Subektiningsih Subektiningsih. "Implementation of Open Web Application Security Project for Penetration Testing on Educational Institution Websites." Jurnal Ilmiah Teknik Elektro Komputer dan Informatika 9, no. 2 (2023): 250–67. https://doi.org/10.26555/jiteki.v9i2.25987.

Abstract:
The development of information technology cannot be separated from the development of website applications, as well as the threat of security attacks that will attack website applications. Educational Institution X uses a website application as an important medium in learning activities. Therefore, penetration testing is needed to find security holes in website applications. In this study, penetration testing will be carried out with the target website for student access at Educational Institution X based on the reason that there is sensitive student data that needs to be secure. The method us
17

Olena, Trofymenko, Dyka Anastasiia, and Loboda Yuliia. "Analysis of vulnerabilities and security problems of web applications." System technologies 3, no. 146 (2023): 25–37. http://dx.doi.org/10.34185/1562-9945-3-146-2023-03.

Abstract:
The article provides a comprehensive analysis of vulnerabilities, methods, tools and problems faced by web application security testing. The analysis of scientific research in the field of web application security testing revealed a significant interest of scientists in finding effective ways to minimize site security risks and vulnerabilities. It was found out that the list of the most common web application vulnerabilities includes: broken access control, cryptographic failures, misconfiguration of security, SQL and other injections, insecure design, identification and authentication errors,
18

Ravindran, Urshila, and Raghu Vamsi Potukuchi. "A Review on Web Application Vulnerability Assessment and Penetration Testing." Review of Computer Engineering Studies 9, no. 1 (2022): 1–22. http://dx.doi.org/10.18280/rces.090101.

19

Manjunath, Srujana, Shreya Malshetty, Jayalakshmi D., Chaithra Banger, and Y. Sharmasth Vali. "A Comprehensive NIDS-Based Strategy for Web Application Penetration Testing." International Journal of Computer Science and Engineering 11, no. 12 (2024): 1–6. https://doi.org/10.14445/23488387/ijcse-v11i12p101.

20

Priambodo, Dimas Febriyan, Asep Dadan Rifansyah, and Muhammad Hasbi. "Penetration Testing Web XYZ Berdasarkan OWASP Risk Rating." Teknika 12, no. 1 (2023): 33–46. http://dx.doi.org/10.34148/teknika.v12i1.571.

Abstract:
The "XYZ" website is an application that provides services for creating population documents, an access registration service, and a login feature. Periodic vulnerability assessment is needed to ensure the reliability of the application. Vulnerability assessment using testing tools alone is no longer considered sufficient and therefore requires validation. One such validation is penetration testing. The penetration test on the XYZ website of XYZ Regency was carried out with reference to the Open Web Application Security Project (OWASP) Top 10-2021. Penetration testing was carried out using the met
21

Albahar, Marwan, Dhoha Alansari, and Anca Jurcut. "An Empirical Comparison of Pen-Testing Tools for Detecting Web App Vulnerabilities." Electronics 11, no. 19 (2022): 2991. http://dx.doi.org/10.3390/electronics11192991.

Abstract:
Today, one of the most popular ways organizations use to provide their services, or broadly speaking, interact with their customers, is through web applications. Those applications should be protected and meet all security requirements. Penetration testers need to make sure that the attacker cannot find any weaknesses to destroy, exploit, or disclose information on the Web. Therefore, using automated vulnerability assessment tools is the best and easiest part of web application pen-testing, but these tools have strengths and weaknesses. Thus, using the wrong tool may lead to undetected, expect
22

Hafiz, Naufal, Obrina Candra Briliyant, Dimas Febriyan Priambodo, Muhammad Hasbi, and Sri Siswanti. "Remote Penetration Testing with Telegram Bot." Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) 7, no. 3 (2023): 705–14. http://dx.doi.org/10.29207/resti.v7i3.4870.

Abstract:
The wide spread of websites and web applications makes them the main target of cyber attacks. One way to increase security is to perform a penetration test. This test is carried out using the attacker's point of view to find out vulnerabilities on a website or web application and then exploit these vulnerabilities. The results of the penetration test can be used as recommendations to close the gaps that have been known through testing. Because penetration testing requires special resources such as tools and operating systems, a solution is needed to make penetration testing possible with low re
23

Siva Prasad, K., Dr K. Raja Sekhar, and Dr P. Rajarajeswari. "An Integrated Approach Towards Vulnerability Assessment & Penetration Testing for a Web Application." International Journal of Engineering & Technology 7, no. 2.32 (2018): 431. http://dx.doi.org/10.14419/ijet.v7i2.32.15733.

Abstract:
The current digitized world has surpassed the days of mere existence of the internet. Furnishing the services through the web has become the most often element to be implemented by almost every sector. These ever-changing technologies have also brought about devastating evading techniques compromising the fragility of the web application. Assessing the existing vulnerabilities of a web application and testing all possible penetrations would be tedious if the tools used are bearing a cost factor. This paper suggests an integrated approach of assessing the vulnerabilities in any web application using free a
24

Begum, M. Fathima, Lekha Sree C, and Manasa P. "Enhancement of Web Application Security using SQLMap and Machine Learning." International Research Journal of Innovations in Engineering and Technology 09, Special Issue (2025): 267–72. https://doi.org/10.47001/irjiet/2025.inspire43.

Abstract:
SQL Injection (SQLi) is a critical vulnerability that allows attackers to manipulate databases through malicious queries. To detect such vulnerabilities in web applications, we integrated SQLMAP, a penetration testing tool, with a Random Forest machine learning model. SQLMAP automates vulnerability detection, and its commands are further automated to enable users to perform tests using simple numerical inputs, improving usability and efficiency. Data collected through SQLMAP is analyzed by the Random Forest classifier, trained on labeled datasets of malicious and benign queries, to predict vul
25

Abdulghaffar, Khaled, Nebrase Elmrabit, and Mehdi Yousefi. "Enhancing Web Application Security through Automated Penetration Testing with Multiple Vulnerability Scanners." Computers 12, no. 11 (2023): 235. http://dx.doi.org/10.3390/computers12110235.

Abstract:
Penetration testers have increasingly adopted multiple penetration testing scanners to ensure the robustness of web applications. However, a notable limitation of many scanning techniques is their susceptibility to producing false positives. This paper presents a novel framework designed to automate the operation of multiple Web Application Vulnerability Scanners (WAVS) within a single platform. The framework generates a combined vulnerabilities report using two algorithms: an automation algorithm and a novel combination algorithm that produces comprehensive lists of detected vulnerabilities.
26

Singh, Yuvraj. "WebSec : Exploring and Modulating Vulnerabilities." INTERNATIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 04 (2024): 1–5. http://dx.doi.org/10.55041/ijsrem30620.

Abstract:
This research investigates the performance of the OWASP Zed Attack Proxy (OWASP ZAP) and Paros open-source vulnerability scanners on the Damn Vulnerable Web Application (DVWA). By evaluating their capability to identify vulnerabilities, along with assessing their user-friendliness and features, the study highlights each scanner's strengths and weaknesses. The insights aim to assist developers and security professionals in selecting the most effective tools for improving the security posture of web applications. Keywords—Web Application Security, Vulnerability Scanners, OWASP ZAP, Paros, Damn V
27

KOZEL, V. M., IE A. DROZDOVA, O. I. IVANCHUK, and O. О. PRYKHODKO. "RESEARCH OF PENETRATION TESTING METHODS." Вісник Херсонського національного технічного університету, no. 3(90) (November 26, 2024): 221–27. http://dx.doi.org/10.35546/kntu2078-4481.2024.3.28.

Abstract:
The article examines penetration testing methods as a vital tool for identifying vulnerabilities in modern information systems and networks. The attention is drawn to improving security in the face of a growing number of cyberattacks and analyzing ethical hacking to prevent intruders’ threats. An overview of the main approaches to penetration testing, such as Black Box, White Box, and Gray Box, is provided. Each method assesses system security at different levels, depending on the information available about the network under test. The classification of penetration testing by the tested aspect
28

Nilesh, Bhingardeve, and Franklin Seeza. "A Comparison Study of Open Source Penetration Testing Tools." International Journal of Trend in Scientific Research and Development 2, no. 4 (2018): 2595–97. https://doi.org/10.31142/ijtsrd15662.

Abstract:
Penetration testing, also known as Pen Test, is a series of activities performed as an authorized simulated attack on a computer system, network or web application to find vulnerabilities that an attacker could exploit. It helps confirm the efficiency and effectiveness of the various security measures that have been implemented. In the world of Open Source Software, even Penetration Testing is not untouched. The purpose of this pilot study was to compare the various open source penetration testing tools. Nilesh Bhingardeve | Seeza Franklin "A Comparison Study of Open Source Penetration
29

Sandeep, Phanireddy. "Advancing Security: Penetration Testing in Web Applications Powered by Artificial Intelligence." INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH AND CREATIVE TECHNOLOGY 6, no. 4 (2020): 1–7. https://doi.org/10.5281/zenodo.14787314.

Abstract:
Artificial Intelligence brings web applications to a new level of personalization and decision-making. These systems are new and complex but expose them to unique security challenges. Penetration testing (pen-testing) techniques specific to the penetration testing of AI-powered web applications are explored. It describes testing methodologies and available frameworks and tools and discusses the scope of pen-testing to improve security for AI systems and underlying web infrastructures. Illustrative diagrams complement the key insights to explain them.
30

Rohith, Vallabhaneni, and Veeramachaneni Vinod. "Understanding Penetration Testing for Evaluating Vulnerabilities and Enhancing Cyber Security." Engineering and Technology Journal 9, no. 10 (2024): 5335–37. https://doi.org/10.5281/zenodo.13928567.

Abstract:
In response to the increasing incidence of cyber-attacks, organizations are prioritizing security testing for their software applications and products. Among the most effective methods for identifying vulnerabilities is penetration testing, which involves simulated attacks on systems to uncover weaknesses that could be exploited by malicious actors. This method not only aids in identifying and remediating security flaws but also evaluates a system's ability to withstand unexpected threats. This paper provides an in-depth exploration of penetration testing, detailing its stages, methodologies,
31

Armando, Yoel, and Rosalina Rosalina. "Penetration Testing Tangerang City Web Application With Implementing OWASP Top 10 Web Security Risks Framework." JISA (Jurnal Informatika dan Sains) 6, no. 2 (2023): 105–9. http://dx.doi.org/10.31326/jisa.v6i2.1656.

Abstract:
The speed of technological development has made it possible for all people to be connected to one another. The creation of web-based information systems that help in all areas, including government, health, and education, is one of the forces behind the development of technology. With these technological advancements, websites are susceptible to cybercrimes that could end in the theft of crucial data. Top 10 Web Application Security Risks is the most effective prevention process for decreasing company information leaks. On the website tangerangkota.go.id, the researcher will conduct a test using
32

Samburskaya, S. А. "DEVELOPMENT OF A SECURE LOGGING AND MANAGEMENT SYSTEM FOR PENETRATION TESTING." Herald of the Kazakh-British technical university 20, no. 2 (2023): 125–36. http://dx.doi.org/10.55452/1998-6688-2023-20-2-125-136.

Abstract:
The sphere of information security in Kazakhstan affects an increasing number of industries every year, and penetration testing is also gaining popularity, as it is one of the key methods for assessing the security and risks of a company. This article is devoted to the research and development of a web application to provide full control over the penetration testing process: monitoring the implementation of tasks and projects, reporting on all processes, dividing tasks between employees. The management system automatically selects recommendations for eliminating vulnerabilities and generates r
33

Melnikova, Anastasia, and Igor Karmanov. "DEVELOPMENT OF THE METHODOLOGY FOR PENETRATION TESTING OF MOBILE AND WEB APPLICATIONS." Interexpo GEO-Siberia 9 (2019): 47–53. http://dx.doi.org/10.33764/2618-981x-2019-9-47-53.

Abstract:
The relevance of the topic is due to the fact that penetration testing (tests to overcome protection, penetration testing, pentest) is a worldwide popular service in the field of information security. The essence of such work is an authorized attempt to circumvent the existing set of protection means of an information system. During testing, the auditor performs the role of an attacker motivated to violate the information security of the customer's network. In the article, features of penetration testing are thoroughly studied, a detailed analysis of existing foreign solutions in the field of penetration t
34

Jha, Tapan Kumar, and Riddhi Soral. "Virtual Penetration Testing (VPT): A Next-Gen Approach To Web Application Security." International Journal of Recent Research and Review XVIII, no. 1 (2025): 281–98. https://doi.org/10.62233/ijrrr25.

Abstract:
Web applications have become fundamental components of the modern digital ecosystem, facilitating communication, commerce, and data exchange. However, their growing complexity and interconnectivity have made them prime targets for cyber-attacks. Traditional penetration testing methods, although effective, are often manual, time-consuming, and inconsistent. In response, Virtual Penetration Testing (VPT) has emerged as a next-generation solution that leverages automation, artificial intelligence (AI), and model-driven engineering to perform continuous, scalable, and efficient security assessment
35

Bhardwaj, Barkha, and Shivam Tiwari. "Penetration Testing and Data Privacy: An In-Depth Review." Journal of Cyber Security in Computer System 2, no. 1 (2023): 18–22. http://dx.doi.org/10.46610/jcscs.2023.v02i01.003.

Abstract:
This research paper provides a comprehensive review of penetration testing and data privacy. Penetration testing is a simulation of an attack on a computer system, network, or web application to identify vulnerabilities and assess the level of security. The objective of this review is to highlight the importance of penetration testing in ensuring the privacy and security of sensitive data. The paper will cover the different types of penetration testing, the processes involved, and the tools and techniques used in the testing. Additionally, the paper will also discuss the various challenges fac
36

Hasan, Abualese, and Al-Rousan Thamer. "A comparative study of web application security scanners for vulnerability detection." i-manager’s Journal on Software Engineering 17, no. 4 (2023): 1. http://dx.doi.org/10.26634/jse.17.4.19813.

Abstract:
A Web Vulnerability Scanner (WVS) is a software tool that assesses the security of web applications by conducting automated penetration tests. It speeds up the process, reduces costs, and eliminates the need for specialized testing engineers. This study evaluates the vulnerability detection capabilities of six WVSs, three commercial scanners, and three open-source scanners. The goal is to identify and mitigate potential security risks before they are exploited by malicious users. The study employed two well-known vulnerable web applications and four relevant metrics, such as detection rate of
37

Luthfi Arian Nugraha. "Website Penetration Analysis Against XSS Attacks using Payload Method." Journal of Innovation Information Technology and Application (JINITA) 6, no. 1 (2024): 37–44. http://dx.doi.org/10.35970/jinita.v6i1.2225.

Abstract:
This research aims to analyze the effectiveness of various penetration testing methods in identifying and mitigating XSS (Cross-Site Scripting) vulnerabilities in web applications. XSS is a type of web security attack that takes advantage of weaknesses in web applications to insert malicious code into web pages displayed to users. This attack can steal user data, take over user sessions, or spread malware. This research uses a penetration testing method with a black-box approach, where the researcher does not know the construction of the system being tested. Tests were conducted on 10 random w
38

Tolkachova, Anastasiia, and Andriian Piskozub. "METHODS FOR TESTING THE SECURITY OF WEB APPLICATIONS." Cybersecurity: Education, Science, Technique 2, no. 26 (2024): 115–22. https://doi.org/10.28925/2663-4023.2024.26.668.

Abstract:
Penetration testing is a key method of dynamic security assessment of computer networks, infrastructure, web and mobile applications aimed at identifying and exploiting vulnerabilities by simulating possible attacks by intruders. Traditionally, this process is carried out manually, requiring highly skilled cybersecurity professionals and considerable time to prepare, execute attacks, analyse the results and generate reports. However, with the growing complexity and number of cyber threats, there is a need for automated tools that can speed up the testing process while increasing its efficiency
39

Kumar CSA, Ayush. "Ethical Hacking and Penetration Testing." International Scientific Journal of Engineering and Management 04, no. 04 (2025): 1–9. https://doi.org/10.55041/isjem02790.

Abstract:
The rise of digital infrastructure has led to an increase in cyber threats, making cybersecurity a critical concern for organizations. Ethical hacking and penetration testing have become essential tools in identifying vulnerabilities and preventing potential security breaches. Ethical hacking involves authorized professionals simulating cyberattacks to uncover security weaknesses, while penetration testing is a structured approach to evaluating system defenses through controlled attack scenarios. This study explores ethical hacking methodologies, including black-box, white-box, and gray-box te
40

Vikas, Vippalapalli, G. Saisri, T. Sai Meghana, A. Sree Harshini, and G. Kaveri. "Web Security Audit and Penetration Testing: Identifying Vulnerabilities and Strengthening Website Security." International Journal for Research in Applied Science and Engineering Technology 11, no. 7 (2023): 794–805. http://dx.doi.org/10.22214/ijraset.2023.54658.

Abstract:
This research paper presents a comprehensive analysis of the significance of web security audits and penetration testing in bolstering website security to combat the rising tide of cyber threats. In today's digital landscape, where cyber-attacks are becoming increasingly frequent and sophisticated, organizations must proactively assess vulnerabilities in their web applications and infrastructure. Through in-depth security audits and penetration testing, potential weaknesses can be identified and mitigated before they are exploited by malicious actors. This study explores various web
41

Zhuravchak, Anastasiia, Andrian Piskozub, Bohdan Skorynovych, et al. "Design and development of a large language model-based tool for vulnerability detection." Eastern-European Journal of Enterprise Technologies 2, no. 2 (134) (2025): 75–83. https://doi.org/10.15587/1729-4061.2025.325251.

Abstract:
The subject of this study is a tool for automating vulnerability detection using large language models, developed to reduce the time spent on conventional penetration testing. In addition, a detailed analysis has been conducted comparing the effectiveness of the automated approach with that of conventional manual security testing. The tool utilizes application programming interface access to LLMs, enabling the analysis of large volumes of data, the identification of complex relationships between system components, and the provision of interactive support to specialists during the testing proce
42

Hidayatulloh, Syarif, and Desky Saptadiaji. "Penetration Testing pada Website Universitas ARS Menggunakan Open Web Application Security Project (OWASP)." Jurnal Algoritma 18, no. 1 (2021): 77–86. http://dx.doi.org/10.33364/algoritma/v.18-1.827.

Abstract:
Universitas ARS is a higher-education institution that uses a website to carry out its academic activities. All information related to coursework is published on the Universitas ARS website. Many risks arise if the web server used by the Universitas ARS website is not well secured, and there are many threats from irresponsible parties who exploit security holes to harm Universitas ARS. The aim of this research is to identify the vulnerabilities present in the Universitas ARS website and to carry out testing and analysis to
43

Balwante, ShriKrishna, Jyotiraditya Dhamdhere, and Kunal Pawar. "Design and Implementation of an Enhanced Web Application Vulnerability Scanner." International Journal of Innovative Research in Computer Science and Technology 13, no. 2 (2025): 89–95. https://doi.org/10.55524/ijircst.2025.13.2.13.

Abstract:
Modern businesses heavily depend on web applications, while these platforms consistently serve as the main focus for cybercriminals. Current research demonstrates the necessity of advanced vulnerability discovery techniques to protect sensitive information. Research on vulnerability scanners includes a review of static analysis methods, dynamic scanning methods, and automated framework integration, which this paper summarizes. The research shows that static analysis tools cover all code fully but generate many false alerts; thus, static testing and dynamic methods both have limitations in cove
44

Kasturi, Santanam, Xiaolong Li, John Pickard, and Peng Li. "Prioritization of Application Security Vulnerability Remediation Using Metrics, Correlation Analysis, and Threat Model." American Journal of Software Engineering and Applications 12, no. 1 (2024): 5–13. http://dx.doi.org/10.11648/j.ajsea.20241201.12.

Abstract:
As part of a continuing research for evaluating threats posed for exposed attack surface, this study will provide a consolidated view of exploitability of vulnerable applications presenting a web attack surface of an organization exposed to an attacker. While testing and scanning technologies like Static Analysis Security Testing (SAST), Dynamic Analysis Security Testing (DAST), Application Ethical Hack (Penetration Testing), a monitoring technology like the Web Application Firewall (WAF) provides web traffic information of the number of transaction requests for every application under study.
45

Sahil, A. Bhat, N. Pankar Vitthal, Kumari Namrata, and Desale Vrushali. "Testing Tool: Offensive Server Side Security Analyser." Journal of Web Development and Web Designing 4, no. 2 (2019): 10–11. https://doi.org/10.5281/zenodo.3240738.

Abstract:
The main purpose of making this tool is that administrators are not aware of many recent attacks like Symlink attack, obfuscated back dooring etc. So, our tool will effectively help them in finding the vulnerabilities. We have planned to design a server side penetration application that will effectively analyse all loopholes and help the server side administrator to secure his server. Ideally, this tool will work on local host and will operate through web browser. This tool will be able to test vulnerabilities in any server hosted on windows or any flavour of Linux.
46

Sunaringtyas, Septia Ulfa, and Djodi Surya Prayoga. "Implementasi Penetration Testing Execution Standard Untuk Uji Penetrasi Pada Layanan Single Sign-On." Edu Komputika Journal 8, no. 1 (2021): 48–56. http://dx.doi.org/10.15294/edukomputika.v8i1.47179.

Abstract:
Increasing the use of single sign-on technology by electronic-based service providers in addition to providing benefits also creates vulnerability. Penetration testing is needed to identify vulnerabilities and test system security by exploiting those vulnerabilities. This research implements the Penetration Testing Execution Standard (PTES) for penetration testing of single sign-on services. Seven stages of the penetration test were done and 12 vulnerabilities were identified, consisting of 3 medium vulnerabilities, 6 low vulnerabilities and 3 information vulnerabilities. Six cyberattacks have be
47

Raja Sekhar, K., Pavanasurya M, Komal Bharti, and Dhanya G. "A systematic review of vulnerability analysis & penetration testing tools." International Journal of Engineering & Technology 7, no. 1.1 (2017): 411. http://dx.doi.org/10.14419/ijet.v7i1.1.9944.

Abstract:
In Computer Security, the term vulnerability refers as a flaw in the system which creates a hole, giving an attacker a chance of taking control over the system. Any Software, Web application or anything related to computer product is vulnerable to attack in different ways like code stealing, sniffing of packets, hijacking the network, making the system compromised etc. In order to avoid such attacks a constant check has to be done and the check has to be done through various Pen testing tools. Penetration tools are one which is used to perform security check on an application to find the prese
48

Lai, Sen Tarng. "Corrective Maintenance Based Vulnerability Repair Procedure to Improve Web Application Security." Applied Mechanics and Materials 182-183 (June 2012): 2085–90. http://dx.doi.org/10.4028/www.scientific.net/amm.182-183.2085.

Abstract:
In the internet age, the high efficiency and high profit activities must incorporate with the internet. Web Application (Web App) is an important IT product in the internet age. However, the network intrusions and security vulnerabilities have continued to threaten the operation of Web App. Penetration Testing (PT) is a critical step to identify security vulnerabilities. However, PT can not provide specific and effective follow-up work. For this, combining corrective maintenance with Web App repair operation will be discussed in this paper. And based on corrective maintenance, proposes a Web A
49

Fitriana, Dina Nurika Fitriana, Putri Elfa Mas’udia, and Mila Kusumawardani. "NIST SP 800-115 Framework Implementation using Black Box Method on Security Gaps Testing on JTD Polinema’s Official Website." jartel 13, no. 4 (2023): 328–35. http://dx.doi.org/10.33795/jartel.v13i4.557.

Abstract:
The internet is one example of a computer network that can make it easier to obtain information. According to BSSN's December 2021 report, there were 3,483,706 web application attacks. According to the BSSN monthly report, there were 3,483,706 web application attacks at the end of December 2021. The JTD Study Program's official website (psjtd.polinema.ac.id) faced recurrent hacking incidents, exposing it to DDOS assaults and defacing. As a result, security testing must be carried out in accordance with particular standards, such as the National Institute of Standards and Technology (NIST) SP 8
50

Muhammad Risky Ardiansyah, Muhlis Tahir, Andi Risqita Nuria Fawash, et al. "Analisis Kerentanan Keamanan Website Menggunakan Metode PTES (Penetration Testing Execution And Standart)." NUANSA INFORMATIKA 18, no. 2 (2024): 145–53. http://dx.doi.org/10.25134/ilkom.v18i2.119.

Abstract:
With rapid advances in Information Technology (IT), the need for an IT-based learning framework and mechanism has become an unavoidable necessity. This requires solid security in a system, using the Penetration Testing Execution and Standard (PTES) method. This research method is quantitative and descriptive, used to illuminate website security and provide input for improvement. The research involved Tenable Nessus Professional tools that emit vulnerabilities, such as Browseable Web Directory and Potentially Clickjacking Web. The PTES stages covered include Planning, Data Collection, Scanning,