Secure Web Application And Penetration Testing


2025-06-28 16:29:02 - Adil Khan

Project Title

Secure Web Application And Penetration Testing

Project Area of Specialization

Cyber Security

Project Summary

Our web application SWAPT (Secure Web Application and Penetration Testing Tool) aims to assess security vulnerabilities in web applications and generates a set of scan results. Both administrators and attackers can use the same tool to fix or exploit a system: administrators can follow the scan and fix procedures, while attackers can conduct a similar scan and exploit any vulnerabilities observed. Web applications are frequently developed under tight deadlines and are frequently deployed with security vulnerabilities. Our SWAPT vulnerability scanners can assist in locating these flaws. We will include scans such as live host scanning, CVE description, subdomain enumeration, HTTP verb tampering, and a web crawler for URL gathering. Their goal is to put a lot of stress on the application from the attacker's perspective by forcing a close interaction with it. SQL injection and cross-site scripting (XSS) are two of the most widely used and dangerous attacks against web applications; in addition to these, we will add path traversal and IDOR. Several other vulnerabilities also exist, such as cross-site request forgery (CSRF), local file inclusion (LFI), remote file inclusion (RFI), clickjacking, and several others, but these will be implemented in the next version of SWAPT. Comparing key characteristics of web vulnerability scanners is difficult, but not impossible. In this project, web application code is injected with the most common types of web vulnerabilities, which are then checked by SWAPT's scanners. The results are compared by analyzing coverage of vulnerability detection and false positives. In the end, a full report consisting of a list of vulnerabilities is shown to the user.

Project Objectives

SWAPT's goal is to identify attack surfaces that can be used by hackers to exploit the system. SWAPT uses scanning techniques such as live host scanning, CVE description, subdomain enumeration, HTTP verb tampering, and a web crawler to identify the attack surfaces, and then launches attacks such as cross-site scripting and SQL injection to confirm those vulnerabilities.

Project Implementation Method

SWAPT will be a web-based cyber security application. We will first develop a crawler, then implement an HTTP verb tampering module, CVE description, subdomain enumeration, live host scanning, and full scanning. After that, we will implement cross-site scripting (XSS), IDOR, and path traversal.

Benefits of the Project

The Secure Web Application Penetration Testing (SWAPT) tool is a web-based application that assesses security vulnerabilities in web applications and produces a set of attack surfaces for them. Both technical and non-technical people who own or manage a web application can use this tool to identify the system's vulnerabilities or attack surfaces. Administrators need to conduct a scan and fix problems before an attacker does, since an attacker can run the same scan and identify the same attack surfaces. Once attack surfaces are identified, one can implement proper security measures, guard one's own resources, and provide a secure environment in which users are comfortable working with the web application. All this can be done with the help of a web application vulnerability scanner. The attacks included are SQL injection, XSS, IDOR, and path traversal. Newly discovered exploits, known as zero-day vulnerabilities, are also published on many online hacker forums. These vulnerabilities are exploited to attack organizations, causing them financial and data loss.

Technical Details of Final Deliverable

Final Deliverable of the Project

Software System

Core Industry

Security

Other Industries

Core Technology

Others

Other Technologies

Sustainable Development Goals

Industry, Innovation and Infrastructure, Peace and Justice Strong Institutions

Required Resources

| Item Name | Type | No. of Units | Per Unit Cost (in Rs) | Total (in Rs) |
| Domain Cost | Equipment | 1 | 15000 | 15000 |
| Zong Bolt Plus | Equipment | 1 | 8200 | 8200 |
| Filing | Miscellaneous | 3 | 2500 | 7500 |
| Printing | Miscellaneous | 1 | 2500 | 2500 |
| Total (in Rs) | | | | 33200 |
