Web Vulnerability Scanner (WVS): A Tool for detecting Web Application Vulnerabilities

In recent years, internet applications have became enormously well-liked, and today they're habitually employed in security-critical environments, like medical, ?nancial, and military systems. Because the use of internet applications has increased, the amount and class of attacks against these applications have also matured. Moreover, the research community primarily targeted on detecting vulnerabilities, which results from insecure information ?ow in internet applications like cross-site scripting and SQL injection have also increased. Injection Attacks exploit vulnerabilities of websites by inserting and executing malicious code (e.g., information query, JavaScript functions) in unsuspecting users, computing surroundings or on a web server. Such attacks compromise user’s information, system resources and cause a significant threat to private and business assets. We tend to investigate and develop a tool Web Vulnerability Scanner (WVS) which queries the vulnerable fragments of applications (written in query and application languages) and are then identi?ed and analyzed o?ine (statically). Results show the effectiveness of our Tool, compared to the present ones in dimensions alike, it has been observed that vulnerabilities go undetected once the existing ways of area unit used; it makes offline analysis of applications time e?cient; and ?nally, it reduces the runtime observation overhead.