Design and Implementation of an Enhanced Web Application Vulnerability Scanner

ShriKrishna Balwante; Jyotiraditya Dhamdhere; Kunal Pawar

doi:10.55524/ijircst.2025.13.2.13

Abstract

Modern businesses heavily depend on web applications, while these platforms consistently serve as the main focus for cybercriminals. Current research demonstrates the necessity of advanced vulnerability discovery techniques to protect sensitive information. Research on vulnerability scanners includes a review of static analysis methods, dynamic scanning methods, and automated framework integration, which this paper summarizes. The research shows that static analysis tools cover all code fully but generate many false alerts; thus, static testing and dynamic methods both have limitations in covering web application vulnerabilities effectively. The merger of information from various scanners as part of automated penetration testing frameworks produces superior detection accuracy as well as elevated recall and improved F-measures. Additional research must concentrate on developing more advanced methods for integration techniques combined with adaptive machine learning and artificial intelligence to minimize the number of incorrect alerts.

Keywords

Web Application Security, Vulnerability Scanners, Static Analysis, Dynamic Analysis, Automated Penetration Testing

References

C. C. Nnaemeka and O. Ehichoya, "Evaluating Security Vulnerabilities in Web-Based Applications Using Static Analysis," arXiv preprint, 2022. Available from: https://arxiv.org/pdf/2212.12308
K. Abdulghaffar, N. Elmrabit, and M. Yousefi, "Enhancing Web Application Security through Automated Penetration Testing with Multiple Vulnerability Scanners," Computers, vol. 12, no. 12, pp. 235, 2023. Available from: https://doi.org/10.3390/computers12110235
A. I. Mohaidat and A. Al-Helali, "Web Vulnerability Scanning Tools: A Comprehensive Overview, Selection Guidance, and Cyber Security Recommendations," International Journal of Research Studies in Computer Science and Engineering (IJRSCSE), vol. 10, no. 1, 2024. Available from: https://doi.org/10.20431/2349-4859.1001002
H. S. Abdullah, "Evaluation of Open Source Web Application Vulnerability Scanners," Academic Journal of Nawroz University (AJNU), vol. 9, no. 1, 2020. Available from: https://doi.org/10.25007/ajnu.v9n1a532
S. Bairwa, B. Mewara, and J. Gajrani, "Vulnerability Scanners: A Proactive Approach To Assess Web Application Security," International Journal on Computational Science & Applications (IJCSA), vol. 4, no. 1, 2014. Available from: https://doi.org/10.5121/ijcsa.2014.4111
Z. Zheng, J. Wang, M. Lin, and H. Jin, "AI-Driven Vulnerability Detection: A Survey," IEEE Access, vol. 11, pp. 21534-21550, 2023. Available from: https://doi.org/10.1109/ACCESS.2023.3241234
M. I. Muhusina, N. T. Madathil, M. Alalawi, S. Alrabaee, M. A. Bataineh, S. Melhem, and D. Mouheb, "Cybersecurity activities for education and curriculum design: A survey," Computers in Human Behavior Reports, vol. 16, p. 100501, 2024. Available from: https://doi.org/10.1016/j.chbr.2024.100501
R. O. Andrade, S. G. Yoo, L. Tello-Oquendo, and I. Ortiz-Garcés, "A comprehensive study of the IoT cybersecurity in smart cities," IEEE Access, vol. 8, pp. 228922–228941, 2020 Available from: https://doi.org/10.1109/ACCESS.2020.3046442

Cites this article as

S. Balwante, J. Dhamdhere, K. Pawar, "Design and Implementation of an Enhanced Web Application Vulnerability Scanner", International Journal of Innovative Research in Engineering & Management (ijircst), Vol-13, Issue-2, Page No-89-95, 2025. Available from: https://doi.org/10.55524/ijircst.2025.13.2.13

Corresponding Author

ShriKrishna Balwante

Assistant Professor, Department of Master of Computer Application, School of Engineering, Ajeenkya D Y Patil University, Pune, India

Download Full Paper

Download PDF

No. of Downloads: 14 | No. of Views: 414

Design and Implementation of an Enhanced Web Application Vulnerability Scanner

Citations

Download Full Paper PDF

Total View 414

Total Download 14