Abstract-- In the digital world, everything gets connected through the network, and when various services are provided by web applications, people are susceptible to hacking. According to the 2019 Internet Security Threat Report by Symantec, an average of 4,800 websites are vulnerable to digital information theft (formjacking) attacks. The main intent of this paper is to recognize openness and flaws in networks and web applications using penetration testing to protect institutions from cyber threats. Many scanning methods have been suggested by many authors to identify the weakness. But in our research, vulnerability analysis and assessment are done by the Nikto tool and the Open Web Application Security Project (OWASP) Zed Attack Proxy (ZAP) tool; Netcraft, Sparta and Network Mapper (Nmap) have been tested through the Kali Linux platform and search engine. ZAP and Nikto tools are demonstrated in ten different domains to identify the security weakness. From the analysis, medium- and low-level attacks have been discovered by the ZAP tool. From the result comparison of the Nikto and ZAP tools, the Nikto tool identified more vulnerabilities than ZAP.

Keywords--Cross-Site Scripting, Ethical Hacking, Nikto, Nmap, OWASP ZAP, Penetration Testing, Sparta

I. INTRODUCTION

In our daily life, all the domains from banking applications to government organizations and mobile applications use web services for sending and receiving information. Web applications are the most vulnerable to hacking [18]. The foremost tactic of hackers is to identify loopholes in the network infrastructure, steal confidential data and passwords, and hack information from organizations, which could lead to financial loss. The 2019 cybercrime report released by RSA Security mentioned a 43% increase in fraud in social media through web applications [28].

Ethical hacking, also called penetration testing or white-hat attacks, is an important tool for testing computer systems and network or web applications to locate security weaknesses.

Hackers usually attack open websites by client-side or server-side attacks, using different methods to enter networks and find vulnerabilities. This is attainable through HTTP methods such as the GET method (through the URL), the POST method (body of the message), the PUT and DELETE methods, or web cookies (home page), and the threats are performed through automated or manual testing.

Cybercrime activities are increasing day by day and exploit websites due to the absence of security in network infrastructure [24].

The protection of data is the highest priority these days, so the prominent work is to find security flaws in the network and web applications. The main goal of this paper is to find how hackers identify the loopholes in the network infrastructure for attacking web applications. Thus vulnerability analysis and web assessment techniques are used to gather information and the cyber threats related to it. This paper helps to secure web applications in the future.

The remainder of the article is organized as follows: section II forms the literature review, section III briefly explains information gathering using various tools, section IV presents the methodology, section V covers vulnerability analysis and assessment for the testing environment, section VI presents the result and discussion, and the last section gives the conclusion.

II. LITERATURE REVIEW

Hatfield [1] discussed virtue ethics found lacking in firms while individuals are affected by human hacking; therefore he analyzed the ethical theory using penetration testing in social engineering with consideration of virtue ethics. Miriam et al. [23]
Authorized licensed use limited to: Carleton University. Downloaded on July 25,2020 at 21:33:13 UTC from IEEE Xplore. Restrictions apply.
Proceedings of the Fourth International Conference on Trends in Electronics and Informatics (ICOEI 2020)
IEEE Xplore Part Number: CFP20J32-ART; ISBN: 978-1-7281-5518-0
discussed the skills, knowledge, and abilities needed for cybersecurity researchers in fields related to vulnerability analyses. Zabicki & Ellis [19] noted that hackers identify security weaknesses in networks and launch attacks because the internet is powerful in equipment, staff, code, network elements, and firmware. The case study in paper [21] is done for a few tools. This paper has utilized different tools such as Nmap, Metasploit, and Meterpreter in Kali Linux to find flaws.

Patel [13] introduced Penetration Testing (PT) and Vulnerability Assessment (VA) techniques to find security loopholes in an organization, and suggested launching security patches to minimize the threats, along with preventive steps against the OWASP Top 10. T. Jain & N. Jain [14] contributed two models: identifying web application flaws with a Python script scanner, and minimizing the vulnerabilities with ModSecurity. ModSecurity is a web application firewall. This technique is used to find more flaws and differentiate them into low, medium or high levels of attack.

Zaher and Babak [11] examined the important factors and components considered for penetration testing and introduced some tools and processes in IT regulations. Renaud and Zimmermann [10] presented nudge testing for stronger passwords, with ethical suggestions for the authentication process drawn from the various literature. Vance [12] examined the importance of an ethical hacking course to protect computer networks.

Ferda [2] used the OWASP analysis tool to measure the vulnerability level in web application security development. Nagpure et al. [7] used automated and manual testing to check vulnerabilities in web applications. A comparative analysis was executed automatically by OWASP ZAP, Acunetix and Burp Suite. The manual testing was done with a Vulnerability Assessment and Penetration Testing (VAPT) tool and the result was 100% accuracy, and manual testing gave better results than automated testing.

Cheng et al. [4] outlined different attacks by cybercrime, such as ransomware and spear-phishing in websites, and evaluated test results using the Vulscan and OWASP ZAP web vulnerability scanners. They would detect cross-site scripting (XSS) and SQL injection vulnerabilities. XSS is a client-side attack where attackers inject scripts into web pages on a targeted page, and SQL injection vulnerabilities are done on database servers when input is not fetched properly from the databases.

Nirmal et al. [5] explained that during the Software Development Life Cycle (SDLC) process, web application vulnerability assessment was the major aspect in security phases. Therefore, vulnerabilities in web applications such as XML external entity (XXE) and cross-site request forgery (CSRF) [6] and Server-Side Request Forgery (SSRF) risks have been discovered. The manual and automated assessment methods are used to predict flaws by machine learning and hybrid program analysis.

Murthy and Shilpa [8] proposed a finite-state model identifying security weakness in the web application and implemented a path generation algorithm and a depth-first traversal-based test generation algorithm to initiate and execute functional tests in the banking domain. Holík and Neradova [9] introduced two phases, application exploitation and reconnaissance, to find security flaws in web applications.

Ghanem & Chen [24] recommended Reinforcement Learning (RL) to learn complicated activities and suggested an intelligent automated penetration testing system (IAPTS) to acquire information, imitate tests and learn from knowledge. The PERSEUS, GIP and PEGASUS algorithms are used to solve partially observed Markov decision process (POMDP) problems. Moniruzzaman et al. [16] studied six intrusion vectors of Bangladeshi websites using white box and black box testing tools and identified that web applications are facing serious security flaws.

Hassan et al. [22] suggested various analytical tools and techniques for information gathering, network infrastructure weakness and website assessment, such as domain name and subdomain discovery, route mapping, iframe extraction and IP address tracking using technical footprinting. Denis et al. [3] did penetration testing on the Kali Linux platform for hacking phones' Bluetooth, Man-in-the-Middle attacks, mobile phone penetration testing and traffic sniffing using a port scanner tool, and the vulnerability results are given in a graphical diagram.

From the literature review, the authors used both manual and automatic techniques to find vulnerabilities in web applications, and many researchers used different tools to identify flaws in applications for security improvement.

III. INFORMATION GATHERING BY VARIOUS TOOLS

Here Sparta, Network Mapper (Nmap), Netcraft, Zenmap, VirusTotal and IP tracking tools are analyzed for finding vulnerabilities in the network as well as web applications.
C. Zenmap
Zenmap is also called network mapper. It is
the Nmap security scanner with a graphical user
interface (GUI) cross-platform for network
discovery. The Zenmap tool discovered the open
ports, HOP count and round trip time (RTT). The
result is shown in FIGURE 3.
E. IP Address Tracking
www.ipfingerprints.com is used to determine geographical location through passive technical scan activities that obtain personal information, email or URL [3] [27]. The IP tool has five options: find IP location, sites on the server, WHOIS lookup, check open ports, and ping test. Cyber-attacks can be possible using this tool.

F. Virus Total
The VirusTotal service scans URLs for malicious code and suspicious files. https://www.virustotal.com is used to discover subdomains [29].
IV. METHODOLOGY

The experiments are done using an Intel (R) Pentium (R) CPU N3710 1.60 GHz with 4GB RAM. The data were collected from Hospitals, Engineering colleges, Government Organizations, Schools, Healthcare Companies, Business Organizations, Sports, Banks, Financial Organizations and IT Industries, and then vulnerability analysis and assessment were executed for 100 websites using hostname/host ID. The scanning process was performed on the Kali Linux platform using penetration testing on the top ten websites of each domain.

FIGURE 8. Steps for detecting vulnerabilities

In ZAP, four modes of attack (standard mode, protected mode, attack mode, and safe mode) are used to identify vulnerabilities on the web. Here scanning is demonstrated in standard mode to identify risks using the GET method. The vulnerabilities found in this tool are explained below:
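
An added example (not code from the paper, ZAP or Nikto): a passive check of one HTTP response for the header and cookie alerts that this paper reports from its ZAP and Nikto scans. The function name, the alert strings, the three-field ETag pattern and both sample responses are constructed assumptions.

```python
import re

# Headers whose absence the scanners flag, keyed to the alert names listed on this page.
REQUIRED = {
    "x-frame-options": "X-Frame-Options header not set",
    "x-content-type-options": "X-Content-Type-Options header missing",
    "x-xss-protection": "X-XSS-Protection header is not defined",
    "content-type": "Content-Type header missing",
}
# Assumption: an Apache-style ETag of three hex fields (inode-size-mtime).
INODE_ETAG = re.compile(r'^(?:W/)?"[0-9a-f]+-[0-9a-f]+-[0-9a-f]+"$', re.I)

def audit_response(headers, https=True):
    """Return sorted alert names for one response; headers is a list of (name, value)."""
    seen = {}
    for name, value in headers:  # a list keeps repeated Set-Cookie lines
        seen.setdefault(name.lower(), []).append(value.strip())

    findings = {alert for name, alert in REQUIRED.items() if name not in seen}
    if https and "strict-transport-security" not in seen:
        findings.add("Strict-Transport-Security header is not defined")
    if "x-powered-by" in seen:
        findings.add("Retrieved X-Powered-By header")
    if any(INODE_ETAG.match(v) for v in seen.get("etag", [])):
        findings.add("Server leaks inodes via ETag")

    for cookie in seen.get("set-cookie", []):
        cname = cookie.split("=", 1)[0].strip()
        attrs = {p.split("=", 1)[0].strip().lower() for p in cookie.split(";")[1:]}
        if "httponly" not in attrs:
            findings.add(f"Cookie '{cname}' without HttpOnly flag")
        if https and "secure" not in attrs:  # Secure only applies to HTTPS sites
            findings.add(f"Cookie '{cname}' without Secure flag")
    return sorted(findings)

# Constructed sample responses (not taken from the paper's scans).
WEAK = [
    ("Server", "Apache"),
    ("X-Powered-By", "PHP/5.6"),
    ("ETag", '"2c1b5-1f4-5a3c2e1d"'),
    ("Content-Type", "text/html"),
    ("Set-Cookie", "PHPSESSID=abc123; Path=/"),
]
HARDENED = [
    ("Content-Type", "text/html; charset=utf-8"),
    ("X-Frame-Options", "DENY"),
    ("X-Content-Type-Options", "nosniff"),
    ("X-XSS-Protection", "0"),
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ("ETag", '"5a3c2e1d-1f4"'),
    ("Set-Cookie", "sid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"),
]

if __name__ == "__main__":
    for label, resp in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_response(resp))
```

Run against responses from a site you operate, the returned list can be compared line by line with a scanner report to confirm which alerts a configuration change actually cleared.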
Figure 13. The comparison result of OWASP ZAP and Nikto Tool
(Line chart; legend: Nikto, Zed Attack Proxy (ZAP); x-axis: Vulnerabilities and Threats.)

The different vulnerabilities and threats shown in Figure 13 are listed below:
1. Session ID in URL rewrite
2. Application error disclosure
3. X Frame options Header not set
4. Cross-domain JavaScript source file inclusion
5. Content-type header missing
6. Web browser XSS protection not enabled
7. X-content type options header missing
8. Cookie no HTTP only flag and without secure flag
9. The X-XSS-Protection header is not defined
10. Uncommon header found
11. SSL and the strict-transport-security not defined
12. Security HTTP header is not defined
13. Server leaks inodes via ETags
14. Retrieved x-powered by header

The red line indicates flaws detected by the Nikto tool and the blue line indicates ZAP tool vulnerabilities. The Nikto tool identifies vulnerabilities as the OWASP tool does. The Nikto tool also finds some additional information such as server, ciphers and Secure Socket Layer (SSL) information. SSL cryptographic protocols are used in computer networks for communication security. The vulnerabilities and threats discovered by the Nikto tool are higher than those by the OWASP ZAP tool, and by comparison, it is clear that some vulnerabilities missed by the OWASP ZAP tool are found by the Nikto tool. The lack of security may lead advanced hackers to exploit those flaws. In the future, a high level of risk is possible and therefore identifying loopholes at an early stage in the network and web application is necessary. "Prevention is better than cure" is the best motto for securing cyberspace from attackers.

VII. CONCLUSION

Using penetration testing, security weakness has been detected in all areas of domains, finding medium and low-level alerts with the OWASP ZAP tool. Our research and experimentation using automated testing have detected more vulnerabilities, such as "The X-XSS-Protection header is not defined", "Uncommon header found", "SSL and the strict-transport-security HTTP header is not defined", "Server leaks inodes via ETag" and "Retrieved x-powered-by header", from the Nikto tool than from OWASP ZAP. Different vulnerabilities such as cookie without secure flag, cross-site request forgery (CSRF), URL rewriting and application error disclosure alerts have been detected by both tools in web application testing. This paper has detailed security weaknesses using penetration testing and discussed security weaknesses in network infrastructure and web applications. Protecting the web applications and the infrastructure from attacks is very important in future research work.

REFERENCES
[1] Hatfield, J. M. (2019). Virtuous human hacking: The ethics of social engineering in penetration-testing. Computers & Security, 83, 354-366.
[2] Sönmez, F. Ö. (2019). Security Qualitative Metrics for Open Web Application Security Project Compliance. Procedia Computer Science, 151, 998-1003.
[3] Denis, M., Zena, C., & Hayajneh, T. (2016, April). Penetration testing: Concepts, attack methods, and defense strategies. In 2016 IEEE Long Island Systems, Applications, and Technology Conference (LISAT) (pp. 1-6). IEEE.
[4] Huang, H. C., Zhang, Z. K., Cheng, H. W., & Shieh, S. W. (2017). Web application security: threats, countermeasures, and pitfalls. Computer, (6), 81-85.
[5] Nirmal, K., Janet, B., & Kumar, R. (2018, July). Web Application Vulnerabilities-The Hacker's Treasure. In 2018 International Conference on Inventive Research in Computing Applications (ICIRCA) (pp. 58-62). IEEE.
[6] Aarya, P. S., Rajan, A., Sachin, K. P. S., Gopi, R., & Sreenu, G. (2018, June). Web Scanning: Existing Techniques and Future. In 2018 Second International Conference on Intelligent Computing and Control Systems (ICICCS) (pp. 123-128). IEEE.
[7] Nagpure, S., & Kurkure, S. (2017, August). Vulnerability assessment and penetration testing of Web application. In 2017 International Conference on Computing, Communication, Control and Automation (ICCUBEA) (pp. 1-6). IEEE.
[8] Murthy, P. V. R., & Shilpa, R. G. (2018, September). Vulnerability Coverage Criteria for Security Testing of Web Applications. In 2018 International Conference on Advances in Computing, Communications, and Informatics (ICACCI) (pp. 489-494). IEEE.
[9] Holík, F., & Neradova, S. (2017, May). Vulnerabilities of modern web applications. In the 2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO) (pp. 1256-1261). IEEE.
[10] Renaud, K., & Zimmermann, V. (2018). Guidelines for ethical nudging in password authentication. SAIEE Africa Research Journal, 109(2), 102-118.
[11] Al Shebli, H. M. Z., & Beheshti, B. D. (2018, May). A study on penetration testing processes and tools. In 2018 IEEE Long Island Systems, Applications, and Technology Conference (LISAT) (pp. 1-7). IEEE.
[12] Poteat, V. E. (2005). Classroom ethics: hacking and cracking. Journal of Computing Sciences in Colleges, 20(3), 225-231.
[13] K. Patel, "A Survey on Vulnerability Assessment & Penetration Testing for Secure Communication," 2019 3rd International Conference on Trends in Electronics and Informatics (ICOEI), Tirunelveli, India, 2019, pp. 320-325. doi: 10.1109/ICOEI.2019.8862767
[14] T. Jain and N. Jain, "Framework for Web Application Vulnerability Discovery and Mitigation by Customizing Rules Through ModSecurity," 2019 6th International Conference on Signal Processing and Integrated Networks (SPIN), Noida, India, 2019, pp. 643-648. doi: 10.1109/SPIN.2019.8711673
[15] Ghanem, M. C., & Chen, T. M. (2020). Reinforcement Learning for Efficient Network Penetration Testing. Information, 11(1), 6.
[16] M. Moniruzzaman, F. Chowdhury and M. S. Ferdous, "Measuring Vulnerabilities of Bangladeshi Websites," 2019 International Conference on Electrical, Computer and Communication Engineering (ECCE), Cox's Bazar, Bangladesh, 2019, pp. 1-7. doi: 10.1109/ECACE.2019.8679426
[17] Zabicki, R., & Ellis, S. R. (2017). Penetration Testing. In Computer and Information Security Handbook (pp. 1031-1038). Morgan Kaufmann.
[18] Najera-Gutierrez, G., & Ansari, J. A. (2018). Web Penetration Testing with Kali Linux: Explore the methods and tools of ethical hacking with Kali Linux. Packt Publishing Ltd.
[19] Devi R Sri & Kumar M Mohan (2019). Cyber Security Affairs in Empowering Technologies. International Journal of Innovative Technology and Exploring Engineering (IJITEE), ISSN: 2278-3075, Volume-8, Issue-10S, August 2019. DOI: 10.35940/ijitee.J1001.08810S19
[20] Hassan, N. A., & Hijazi, R. (2018). Technical Footprinting. In Open Source Intelligence Methods and Tools (pp. 313-339). Apress, Berkeley, CA.
[21] Armstrong, M. E., Jones, K. S., Namin, A. S., & Newton, D. C. (2018, February). What Vulnerability Assessment and Management Cybersecurity Professionals Think Their Future Colleagues Need to Know. In SIGCSE (p. 1082).
[22] broadcom.com (2020). [online] Available at https://www.symantec.com/en/sg/security-center/threat-report [Accessed 20 July 2019]
[23] tools.kali.org (2019). Nmap network discovery tool [online] Available at https://tools.kali.org/information-gathering/nmap [Accessed 22 July 2019]
[24] ipfingerprints.com (2020). IP address Geographical location finder and more [online] Available at https://www.ipfingerprints.com [Accessed 12 March 2020]
[25] rsa.com (2019). Cybersecurity and Digital Risk Management Solution [online] Available at https://www.rsa.com/en-us/offers/2019-current-state-of-cybercrime-white-paper [Accessed 19 July 2019]
[26] virustotal.com (2020). Analyze suspicious files and URLs to detect malware [online] Available at https://www.virustotal.com [Accessed 12 March 2020]
[27] courser.com. Penetration testing introduction [online] https://www.coursera.org/learn/introduction-cybersecurity-cyber attacks/lecture/t4Xyl/penetration-testing-introduction [Accessed 24 March 2020]