Skip to main content
SpringerLink
Log in

Analyzing Security Testing Tools for Web Applications

  • Conference paper
  • First Online:
International Conference on Innovative Computing and Communications

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 1387))

Abstract

A web application makes use of web browsers to perform Internet tasks. Lots of businesses utilize the Internet as a profitable means of communication. Currently, the business world is facing multiple cyber breaches and attacks. Conducting a penetration test on any website or information system is, therefore, essential to enhance cybersecurity. Choosing the most effective tool for penetration testing is more important. This paper aims to examine two vital tools that are employed in testing the vulnerabilities of a chosen test website. The two tools, ZAP and Acunetix, are used to identify the weaknesses of the website. Besides, the usefulness and the purpose of each tool are shown and described. The comparison of these tools is intended to identify the effectiveness of all penetration testing tools in information systems and the difference they may depict depending on a given tool. The results show that the ZAP tool seems to be more effective compared with the other format.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 189.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 249.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Muamer, N. M., & Sulaiman, N. (2011). A novel local network intrusion detection system based on support vector machine. Journal of Computer Science, 7, 1560–1564.

    Article  Google Scholar 

  2. Munoz, R. F., Cortes, S. I. I., & Villaiba, G. J. L. (201). Enlargement of vulnerable web applications for testing. The Journal of Supercomputing, 74, 6598–6617.

    Google Scholar 

  3. Al Shebli, H. M. Z., & Beheshti, B. D. (2018). A study on penetration testing processes and tools. In 2018 IEEE Long Island Systems, Applications, and Technology Conference (LISAT) (pp. 1–7).

    Google Scholar 

  4. Alzahrani, A., Alqazzaz, A., Zhu, Y., Fu, H., & Almashfi, N. (2017). Web application security tools analysis. In IEEE 3rd international conference on big data security on cloud (big data security), IEEE international conference on high performance and smart computing (hPSC), and IEEE international conference on intelligent data and security (pp. 237–242).

    Google Scholar 

  5. Munoz, R. F., Vega, A. A. E., & Villaiba, G. J. L. (2018). Analyzing the traffic of penetration testing tools with an IDS. The Journal of Supercomputing, 74, 6454–6469.

    Google Scholar 

  6. Matnee, A. Y. (2018). Estimating the state of website security as poorly regulated mechanisms based on fuzzy logic methods. 9–10.

    Google Scholar 

  7. Thakre, S. (2018). Studying the effectiveness of various tools in detecting the protecting mechanisms implemented in web-applications. In Proceedings of the International Conference on Inventive Research in Computing Applications.

    Google Scholar 

  8. Idongesit, E., & Olufemi, O. U. (2017). A multilayer secured protocol for REST-based services. Journal of International Information Management Association Inc, 1–25.

    Google Scholar 

  9. Kushe, R. (2017). Security assessment of web applications. In UBT Conference (pp. 101–106).

    Google Scholar 

  10. Najera-Gutierrez, G., & Ansari, J. A. (2018). Web penetration testing with kali linux: Explore the methods and tools of ethical hacking with Kali Linux. Packt Publishing Ltd.

    Google Scholar 

  11. Netsparker Web Vulnerability Scanner Product Brochure. https://www.netsparker.com/s/NetsparkerProductBrochure.pdf.

  12. Kumar, P., & Pateriya, R. K. (2012). A survey on SQL injection attacks, detection and prevention techniques. In International Conference on Computing and Networking Technology (ICCN).

    Google Scholar 

  13. Siahaan, A. P. U. (2017). Security assessment of web application through penetration system techniques. International Journal of Recent Trends in Engineering and Resarch.

    Google Scholar 

  14. Singh, H., Jangra, S., & Verma, P. K. (2016). Penetration testing: analyzing the security of the network by Hacker’s mind. IJLTEMAS, V, 56–60.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. College of Computer Science and Engineering, Taibah University, Medina, Saudi Arabia

    Amel F. Aljebry, Yasmine M. Alqahtani & Norrozila Sulaiman

Authors
  1. Amel F. Aljebry
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yasmine M. Alqahtani
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Norrozila Sulaiman
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Norrozila Sulaiman .

Editor information

Editors and Affiliations

  1. Maharaja Agrasen Institute of Technology, Rohini, Delhi, India

    Ashish Khanna

  2. Department of Computer Science and Engineering, Maharaja Agrasen Institute of Technology, Rohini, Delhi, India

    Deepak Gupta

  3. Department of Computer Science and Engineering, CHRIST (Deemed to be University), Bangalore, Karnataka, India

    Siddhartha Bhattacharyya

  4. Faculty of Computers and Information, Cairo University, Giza, Egypt

    Aboul Ella Hassanien

  5. Department of Computer Science, Shaheed Sukhdev College of Business Studies, Rohini, Delhi, India

    Sameer Anand

  6. Department of Computer Science, Shaheed Sukhdev College of Business Studies, Rohini, Delhi, India

    Ajay Jaiswal

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Aljebry, A.F., Alqahtani, Y.M., Sulaiman, N. (2022). Analyzing Security Testing Tools for Web Applications. In: Khanna, A., Gupta, D., Bhattacharyya, S., Hassanien, A.E., Anand, S., Jaiswal, A. (eds) International Conference on Innovative Computing and Communications. Advances in Intelligent Systems and Computing, vol 1387. Springer, Singapore. https://doi.org/10.1007/978-981-16-2594-7_34

Download citation

Publish with us

Policies and ethics

Search

Navigation