An Extensible Web Application Vulnerability Assessment and Testing Framework
Citation
Export citationDelamore, B. (2014). An Extensible Web Application Vulnerability Assessment and Testing Framework (Thesis, Master of Science (MSc)). University of Waikato, Hamilton, New Zealand. Retrieved from https://hdl.handle.net/10289/9497
Permanent Research Commons link: https://hdl.handle.net/10289/9497
Abstract
The process of identifying vulnerabilities in web services plays an integral role in reducing risk to an organisation that seeks to protect their intellectual property and data. The process itself generally involves an automated scan that looks for software misconfigurations, outdated services and exposures that may lead to defacement, data loss or system compromise. However, even with myriad open-source and commercial applications that provide automated vulnerability assessments, the frequency of large scale data breaches and exploitation by adversaries is continuing to increase. This thesis presents a framework that enables not only the skilled security professional to accurately assess the risk of vulnerabilities in web servers, but also empowers non-technical users to scan their web servers and find out the implications of vulnerabilities in their systems. This is achieved by building a user-centric solution which addresses the gaps identified in previous work, and focuses on the most critical vulnerabilities outlined by two major security research organisations.
Date
2014Type
Degree Name
Supervisors
Publisher
University of Waikato
Rights
All items in Research Commons are provided for private study and research purposes and are protected by copyright with all rights reserved unless otherwise indicated.
Collections
- Masters Degree Theses [2469]