Vulnerability Assessment and Penetration Test...

Vulnerability Assessment and Penetration Testing of Web Application

Author Name : Farsana P S, Gokul Das, Praveen kumar K S

ABSTRACT

Internet has become inevitable factor in our daily life. The invention of web application was a major turning point in recognizing the true potential of the internet. They want to make sure that your information system is secure, protecting and maintaining valuable data. So the security of web application is a crucial aspect. Security is an important consideration at all stages of the application development life cycle, especially when it comes to addressing critical issues. In order to save from digital threats vulnerability testing provides two types of threats – ‘vulnerability assessment’ and ‘penetration testing’ (VAPT).

The vulnerability assessment is a testing process performed to recognize the vulnerabilities, and through this process the vulnerability security experts can be exposed, qualified and prioritize such vulnerabilities. With the help of a risk-based approach, vulnerability assessments could also be able to aims at various layers of technology the most common being network, host, and application layer assessments.

The penetration testing are different from vulnerability assessment services, the test is capable to identify the vulnerabilities such as potential for forbidden users to acquire access to the system’s features and data, as well as strengths, enabling a full risk assessment to be completed. Session exploitation, Cross-Site Scripting, SQL injection, Cross Site Request Forgery, Buffer over Flows, and Security Misconfiguration etc. are the major attacks in web application.

Keywords: Penetration Testing, Security, Vulnerability Assessment, Web application.