The Development of Web Security Scanner Based on XSS and SQL Injection Method

Gunawan, Ibnu and Noertjahyana, Agustinus (2012) The Development of Web Security Scanner Based on XSS and SQL Injection Method. In: ICSIIT 2012, 23-05-2012 - 24-05-2012, Denpasar, Bali - Indonesia.

[img] PDF
Download (496Kb)
    Official URL: icsiit.petra.ac.id


    Nowaday, there is so many vulnerabilities in web application layer. This is because of security issues that are often overlooked by a web developer when creating a website. In fact, caused by the presence of vulnerabilities on a website, a hacker can do a variety of activities that destroy of website. Adverse events that can be done by a hacker includes changing the web page (defacing), obtain sensitive information, even taking over control of the website system. To help overcome these problems, we make an application to detect vulnerabilities that exist on a website. The process is started by crawling to get the entire link from the target website. Followed by attacking the process that is useful to attempt an attack on a link that has the potential security hole. The application will then continue in the process of reporting where the application would create a vulnerability report on the website. This application was built using Microsoft Visual C # 2010. Based on the results of tests made on this application, it can be concluded that the application can detect vulnerabilities in the website and report any form of link that has a security hole on the website.

    Item Type: Conference or Workshop Item (Paper)
    Uncontrolled Keywords: Web, application, security, scanner, xss, sql, injection
    Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
    Divisions: Faculty of Industrial Technology > Informatics Engineering Department
    Depositing User: Admin
    Date Deposited: 13 Jul 2012 23:15
    Last Modified: 05 Nov 2012 17:33
    URI: http://repository.petra.ac.id/id/eprint/15792

    Actions (login required)

    View Item