Addressing Web Application Security Issues and Vulnerabilities Assessment Pen Testing
Matthi Naveen1, Pragnyaban Mishra2
1Matthi Naveen*, Department of CSE, KLEF, Vaddeswaram, Guntur Dist., India.
2Dr. Pragnyaban Mishra, Assoc. Professor, Department of CSE, KLEF, Vaddeswaram, Guntur Dist., India.
Manuscript received on March 16, 2020. | Revised Manuscript received on March 24, 2020. | Manuscript published on March 30, 2020. | PP: 2314-2321 | Volume-8 Issue-6, March 2020. | Retrieval Number: F8169038620/2020©BEIESP | DOI: 10.35940/ijrte.F8169.038620
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: The world relies heavily on the Internet, and every organization uses web applications extensively for information sharing, for business purposes such as online sales and money transfer, and for exchange services. Providing security for web applications is now the greatest challenge in the corporate world, because web applications are the main channel for daily business: if a web application is affected, daily business and reputation are affected as well. Many organizations use web applications to share or store sensitive information about their clients and assets. Web applications are therefore prone to security attacks; new security vulnerabilities in web applications have grown over the last two decades, and web applications have become an important target for attackers, so it is vital to secure them. Vulnerabilities in web applications arise from security misconfigurations, programming mistakes, improper use of security measures, etc. Vulnerability assessment and pen testing (VAPT) help to identify the different vulnerabilities present in web applications. Websites are also used to deliver critical services to customers, so they must run at all times without any interception, and VAPT plays a crucial role in achieving this. This paper reviews the steps and types of vulnerability assessment and pen testing, and website vulnerabilities such as SQL injection, cross-site scripting, file inclusion, cross-site request forgery, and broken authentication, with their types and remediations, and also discusses the effect of these vulnerabilities on a web application.
Keywords: Cross-Site Scripting, Cross-Site Request Forgery, File Inclusion, Penetration Testing, Steps in VAPT, SQL Injection, Vulnerability Assessment, VAPT Types, Types of XSS, Types of SQL Injection.
Scope of the Article: Internet and Web Applications.