Scribd
Upload
79 views

60 Website Vulnerability Scanning System Using Python PY060

This document describes a website vulnerability scanning system built using Python. It scans websites for common vulnerabilities like SQL injection, cross-site scripting, and subdomain scanning. The system is easy to use and maintain. It uses machine learning to detect malware and plug-in framework to automate the scanning process. The frontend is built with HTML, CSS, JavaScript while the backend uses Python, Django framework and MySQL database. The system aims to improve scanning efficiency over traditional vulnerability scanners.

Uploaded by

VijayKumar Lokanadam
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
79 views

60 Website Vulnerability Scanning System Using Python PY060

This document describes a website vulnerability scanning system built using Python. It scans websites for common vulnerabilities like SQL injection, cross-site scripting, and subdomain scanning. The system is easy to use and maintain. It uses machine learning to detect malware and plug-in framework to automate the scanning process. The frontend is built with HTML, CSS, JavaScript while the backend uses Python, Django framework and MySQL database. The system aims to improve scanning efficiency over traditional vulnerability scanners.

Uploaded by

VijayKumar Lokanadam
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 7

Website Vulnerability Scanning System using

Python

1) Background/ Problem Statement

With the rapid development of the Internet, Web security issues have
become increasingly prevalent; hackers will exploit Web vulnerabilities
to infiltrate websites, resulting in numerous security incidents. Web
vulnerability scanners on the market have a number of issues, including
insufficient scanning accuracy, large software, low scalability, and so on.
Traditional scanners generally obtain the URL of the website via a
crawler, send a request to the website with attack parameters to obtain
the payload, and output the corresponding vulnerability report if the
payload is successfully verified.
Based on these security threats, using vulnerability scanners to detect
vulnerabilities on websites has some value. This Website Vulnerability
Scanner uses a callable plug-in framework to automate the scanning
process, send a request with parameters to the target website, and
detect website vulnerabilities based on the response.
2) Working of the Project

SQL injection vulnerabilities, cross-site scripting vulnerabilities, and


cross-site request forgery vulnerabilities are examples of common web
security flaws. To achieve the goal of invading websites, hackers can
conduct penetration tests on target websites and use Web
vulnerabilities to escalate privileges on website servers.
Our Website Vulnerability Scanner can collect website information in
batches to achieve high concurrency between modules, and tasks can
be processed simultaneously between crawlers and plug-ins, improving
the efficiency of scanning websites, and the vulnerability script of the
system has been updated.
The front-end involves Html, CSS, and JavaScript and the back-end
involves Python. The framework used is Django and the database is
MySQL. The model used for machine learning is Logistic Regression.

3) Advantages
- It is easy to maintain.
- It is user-friendly.
- Detects malware, SQL Injection, XSS attacks, and sub-domain
scanning with ease.

4) System Description
The system comprises 1 major module with their sub-modules as
follows:
USER:
 Registration
 Login
 Scanning
- Malware Detection
Using machine learning, the URL will be passed and will be
detected as good or bad)
- Detecting SQL Injection
- Detecting XSS attack
- Sub-domain Scanning
 Logout
5) Project Life Cycle

The waterfall model is a classical model used in the system


development life cycle to create a system with a linear and sequential
approach. It is termed a waterfall because the model develops
systematically from one phase to another in a downward fashion. The
waterfall approach does not define the process to go back to the
previous phase to handle changes in requirements. The waterfall
approach is the earliest approach that was used for software
development.
6) System Requirements

I. Hardware Requirement

i. Laptop or PC
 Windows 7 or higher
 I3 processor system or higher
 4 GB RAM or higher
 100 GB ROM or higher

II. Software Requirement

ii. Laptop or PC
 Python
 Sublime text Editor
 XAMP Server
7) Limitation/Disadvantages
- A valid web link must be provided.

8) Application – This application sends a request with parameters to


the target website and analyses the response to detect website
vulnerabilities.

9) Reference
- https://www.igi-global.com/gateway/article/full-text-html/
302875&riu=true
- https://www.researchgate.net/publication/
343434820_Detecting_Security_Vulnerabilities_in_Website_using_Py
thon
- https://ieeexplore.ieee.org/document/9718899
- https://dl.acm.org/doi/abs/10.4018/IJDCF.302875

You might also like