Download PDFOpen PDF in browser

Vulnerability Assessment Penetration Testing (VAPT) for Web Applications

EasyChair Preprint 2100

8 pagesDate: December 5, 2019

Abstract

Vulnerability assessment and penetration testing-(VAPT) provides a critical observation of organization OS-operating systems, web servers, DB-database servers, access points, and loopholes or back doors. Attackers use these vulnerabilities to exploit the victim’s system. It is better to find out these vulnerabilities in advance before the attacker does. In this paper, we proved Vulnerability Assessment and Penetration Testing (VAPT) as a Cyber defense technology, how we can provide active cyber defense using Vulnerability Assessment and Penetration Testing.  It gives a more detailed view of threats, loopholes, bugs, back doors so that the information security specialist fixes all these vulnerabilities and back doors will help to provide more security and better protection from malicious attacks. Vulnerabilities can be found in two ways, internal testing, and external testing. We described the complete life cycle of Vulnerability Assessment and Penetration Testing on systems or networks and proactive action taken to resolve that vulnerability and stop the possible attacks. We have described the complete process of how to use Vulnerability Assessment and Penetration Testing as a powerful Cyber Defense Technology. Meaningful information or data are transferred over the web, cyberattacks are increasing every day with the increased use of Web applications. Globally, statistics show that more than 70 per- cent of the applications either have vulnerabilities that could potentially be exploited by a hacker, or worse, or they have already been exploited.  So it needs to be secure. The best way to secure our web application of the website is to hack ourselves or by conducting penetration testing. In this research paper, penetration analysis of web security issues of the website is presented, using Kali Linux, OWASP ZAP, Burp Suite, etc. VAPT ensures that organization applications, web servers, database servers brought back to the initial state.

Keyphrases: Cybersecurity, Ethical Hacking, Information Security, SQL Injection, VAPT, XSS, XXE, injection

BibTeX entry
BibTeX does not have the right entry for preprints. This is a hack for producing the correct reference:
@booklet{EasyChair:2100,
  author    = {Md Shahidullah},
  title     = {Vulnerability Assessment Penetration Testing (VAPT) for Web Applications},
  howpublished = {EasyChair Preprint 2100},
  year      = {EasyChair, 2019}}
Download PDFOpen PDF in browser