Vulnerability Assessment of Web Applications using Penetration Testing

Abstract

In recent years, utilization of web applications, web hacking exercises have grown exponentially. Organizations are confronting extremely critical difficulties in anchoring their web applications from rising cyber threats, as bargain with the assurance issues don't appear to be the right approach. Vulnerability Assessment and Penetration Testing (VAPT) methods help us find these vulnerabilities / security loopholes in our systems even before an intruder could find a way to get it. This helps avoid zero-day exploits. This paper aims to elucidate the overview of Vulnerability Assessment and Penetration Testing and introduce the most efficient open source tools used to perform these tests. This paper also presents a combined VAPT testing methodology that incorporates strengths of several existing approaches, with the goal to understand their utility and benefit the most from the tests.