EWU Institutional Repository

Web and Software Security

Show simple item record

dc.contributor.author Talaha, Ashikin
dc.contributor.author Chowdhury, Ayan
dc.date.accessioned 2022-05-24T05:03:10Z
dc.date.available 2022-05-24T05:03:10Z
dc.date.issued 2019-08-26
dc.identifier.uri http://dspace.ewubd.edu:8080/handle/123456789/3551
dc.description This thesis submitted in partial fulfillment of the requirements for the degree of Bachelor of Science in Information and Communication Engineering of East West University, Dhaka, Bangladesh en_US
dc.description.abstract About 200 million websites are active at present. Billions of people use web applications for transferring information, money and communicating with each other. Web applications are made by humans. So, there may exist many kinds of vulnerabilities. The main reason for the weakness is the lack of choosing the proper programming languages. There are a lot of web application attacks that are existing now such as SQL injection, Buffer overflow, security misconfiguration, cross-site scripting, etc. So, the security issues of web applications are a great concern in presents. Developers are very interested to know about any kind of attack. In this project, we have created a tool to find different types of web application vulnerabilities of particular websites. This ‘D-tect’ tool will check eight dangerous and critical web application attacks. They are WordPress username enumerator, sensitive file detector, sub-domain scanner, port scanner, WordPress scanner, cross-site scripting (XSS), WordPress backup grabber, SQL injection. The tool will show host address, IP address, header information, the vulnerable scopes and server of the web application. There will be also detection of WordPress as it is mentioned that some vulnerabilities may arise due to using WordPress. The tool will check 1904 ports to find out the vulnerable ports. Sub-domains may have vulnerable DNS resolver that may help the attacker to exploit a system. That will be also scanned by the tool. The WordPress backup system will be also analyzed to find whether it is vulnerable or not. So, the tool will check for particular ports and try to inject different types of attacks. Then the corresponding result will be visible. This tool is created by using python and different modules and functions of python. There are different types of modules and functions are used to create the tool. the program can be run till the user wants to stop scanning. en_US
dc.language.iso en_US en_US
dc.publisher East West University en_US
dc.relation.ispartofseries ;ECE00230
dc.subject Web and Software Security en_US
dc.title Web and Software Security en_US
dc.type Thesis en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search DSpace


Advanced Search

Browse

My Account