Web Application Vulnerability Scanner

Authors -Associate Professor Dr. A Selva Reegan, Kumaragurubaran T K, Sriman.V, Nishanth D

Abstract- – The application named VScanner which can help in the process of complete web application security scanning which automates the entire process of Vulnerability scanning. It outperforms the work of subdomain enumeration along with various vulnerability checks and obtaining maximum information about your target. VScanner uses lot of techniques (passive, bruteforce, permutations, certificate transparency, source code scraping, analytics, DNS records…) for subdomain enumeration which helps you in getting the maximum and the most interesting subdomains. It save the output in a seperate folder. so that you can check the scan after it was done and also you can check it manually after completing the automation. It has multiple usage options like to scan a single domain or to scan a domain which has large number of subdomains. It can check for subdomain takeovers vulnerability, which can prevent your subdomain being hacked by hackers. If organization like google, amazon, Microsoft have more subdomains. It was very difficult for them to handle it manually. By automating this processs they can easily find which subdomain is vulnerable. It achieves various vulnerability checks like XSS, Open Redirects, SSRF, CRLF, LFI, SQLi, SSL tests, SSTI, DNS zone transfers, and much more. Along with these, it performs OSINT techniques, directory fuzzing, Google dorking, ports scanning, screenshots, Vulnerability scan on your domain.

DOI: /10.61463/ijset.vol.10.issue2.218