Enhancing Web Application Security Through Penetration Testing

Location

Hager-Lubbers Exhibition Hall

Description

PURPOSE: The main purpose of this research project is to analyze the effectiveness of the various penetration testing tools within the Kali Linux environment, in order to provide insights into their utility and efficacy for enhancing web application security through penetration testing.

SUBJECTS: The sample for this project includes penetration testing tools commonly used in cybersecurity practice, such as Burp Suite and OWASP ZAP, which represent a diverse range of techniques for vulnerability scanning and exploitation in web applications.

METHODS AND MATERIALS: The data collection involved, but was not limited to, testing each penetration testing tool within a Kali Linux environment to assess its functionality, efficiency, and performance. The methodology involved using the tools to simulate different types of attacks, such as SQL injection and brute-force attacks.

ANALYSES: The analysis mainly focused on evaluating the effectiveness and versatility of each penetration testing tool in detecting vulnerabilities and exploiting them within web applications. This further involved assessing factors such as ease of use, accuracy in identifying and exploiting security flaws, and comprehensiveness of the features.

RESULTS: The results show that the tested penetration testing tools offer varying degrees of effectiveness in identifying and exploiting vulnerabilities within web applications. Burp Suite and OWASP ZAP demonstrated robust performance in scanning for vulnerabilities, while Metasploit and BeEF demonstrated stronger exploitation capabilities.

This document is currently not available here.

Apr 23rd, 3:00 PM
