Author(s)

Meenakshi S. P. Manikandaswamy, Vijay Madisetti

School of Cybersecurity and Privacy, Georgia Institute of Technology, Atlanta, USA.

Considering the escalating frequency and sophistication of cyber threats targeting web applications, this paper proposes the development of an automated web security analysis tool to address the accessibility gap for non-security professionals. This paper presents the design and implementation of an automated web security analysis tool, AWSAT, aimed at enabling individuals with limited security expertise to effectively assess and mitigate vulnerabilities in web applications. Leveraging advanced scanning techniques, the tool identifies common threats such as Cross-Site Scripting (XSS), SQL Injection, and Cross-Site Request Forgery (CSRF), providing detailed reports with actionable insights. By integrating sample payloads and reference study links, the tool facilitates informed decision-making in enhancing the security posture of web applications. Through its user-friendly interface and robust functionality, the tool aims to democratize web security practices, empowering a wider audience to proactively safeguard against cyber threats.

Web Security, Automated Analysis, Vulnerability Assessment, Web Scanning, Cross-Site Scripting, SQL Injection, Cross-Site Request Forgery

Manikandaswamy, M. and Madisetti, V. (2024) Design & Test of an Advanced Web Security Analysis Tool (AWSAT). Journal of Software Engineering and Applications, 17, 448-461. doi: 10.4236/jsea.2024.175024.