Research On Web Application Vulnerability Scanning

Posted on: 2016-11-16
Degree: Master
Type: Thesis
Country: China
Candidate: N Zhang
GTID: 2308330470967699
Subject: Computer technology
Abstract/Summary:
With the rapid development of the Internet, Web applications have become more and more popular and bring more and more economic value. However, their security has not received enough attention, which leaves Web applications vulnerable to attackers. This is a serious security risk.

To ensure the security of Web applications, an appropriate method for detecting Web application vulnerabilities is urgently needed. Traditional manual detection costs a lot of time and energy, and its efficiency and results are poor. In addition, as Web applications grow larger and software development cycles become shorter, manual detection is no longer feasible. To improve the security of Web applications, automated vulnerability scanning tools must be adopted.

To solve these problems, this thesis studies technology related to Web application vulnerability scanning. First, the related concepts are elaborated. Then specific vulnerability scanning technology is analyzed, followed by the assessment methods for Web application vulnerability scanning tools. The main contributions of this thesis are as follows:

First, since there are plenty of Web application vulnerability scanning tools, an assessment is needed to provide a reference for security testing staff. In this thesis, following the assessment standards and benchmarking methodology for Web application vulnerability scanning tools, we use wavsep as the scanning target, then design and implement an experiment that evaluates seven of the most popular Web application vulnerability scanning tools in terms of vulnerability coverage, false positive rate, functional support, performance, ease of use and other aspects. This provides a comprehensive reference for choosing Web application vulnerability scanning tools and ensuring Web application security.

Second, we use SkipFish to scan Web system X in order to explore the correct way of using vulnerability scanning tools and the method of analyzing scan results. Furthermore, we give advice for repairing different vulnerabilities. This part is mainly intended to share experience.

Third, no vulnerability scanning tool is perfect. SkipFish is without doubt a great tool, but many details still need to be improved. Based on the above usage of SkipFish, we analyze the architecture and scanning principle of SkipFish, going deep into its SQL injection vulnerability scanning mechanism in particular. Combined with the report of SkipFish scanning wavsep, we identify the scenarios that SkipFish cannot cover, then design and implement an improvement. In the end, the coverage of SQL injection vulnerabilities is largely improved.
Keywords/Search Tags: Web application, Vulnerability scanning, Dynamic detection, SkipFish, SQL injection