Web Services Vulnerability Testing Using Open Source Security Scanners: An Experimental Study

Manju Khari, Neha Singh

Computer Science Department, Guru Gobind Singh Indraprastha University, Dwarka, Delhi, India

Abstract

Web application users and web application vulnerabilities are both increasing. With the growing popularity of the web, web applications are turning into tools of everyday use for many users. As a result, web application users are more prone to malicious attacks, and the need for web security testing arises as well. Security testing helps to mitigate vulnerabilities in web applications, but it is quite an intricate process and so requires an efficient security testing technique. Frequently occurring security vulnerabilities in web applications result from generic input validation problems; examples are SQL injection and Cross-Site Scripting (XSS). These vulnerabilities are often exploited by attackers to access sensitive information from websites for their personal gain. Black-box scanners offer a good choice for testing for vulnerabilities in an automated fashion. Although the majority of web vulnerabilities are easy to understand and to avoid, many web developers are still not security aware. As a result, there exist many web sites on the Internet that are vulnerable. This paper presents an experimental study of open source web scanners that help detect potential vulnerabilities. A black-box-based approach is also proposed that brings out the rules to confirm the presence of an SQL injection vulnerability in a particular web application or service. This can help reduce false positives and increase the effectiveness of the scanners.

 

1. Introduction

 

Black-box web vulnerability scanners are a category of tools that can be used to identify security issues in web applications [1]. These tools are often known as “point-and-click pentesting” tools that automatically assess the security of web applications with little or no human intervention. They access a web application in the same way users do and are therefore independent of the particular technology used to implement the web application on the server side. However, these tools should also be able to access and test the application’s various components, which are often hidden behind forms like JavaScript-generated links and Flash applications [3]. Black-box web application vulnerability scanners are automated tools that explore web applications for security vulnerabilities. In black-box testing, the source code is not examined; instead, special input test cases are generated and sent to the application. The results returned by the application are then analyzed for unforeseen behavior that indicates loopholes or vulnerabilities [2].

Some features of Black-box web vulnerability scanners are:

  • Black-box web vulnerability scanners are a modern choice for finding security loopholes in web applications in an automated manner.
  • These tools function in a point-and-shoot manner, testing any web application, regardless of the server-side language, for common security vulnerabilities.
  • Black-box tools suffer from a number of limitations, particularly when interacting with complex applications that have multiple actions.
  • If a vulnerability analysis tool does not take into consideration changes in the web application’s state, it might ignore vulnerabilities or completely overlook entire portions of the application [4].

Classical black-box web scanners crawl a web application to enumerate all reachable pages and then inject some input data (URL parameters, form values, cookies) to trigger vulnerabilities. However, this approach ignores a key aspect of modern web applications: the state of the web application changes according to the current request [3]. Web application (black-box) scanners perform security tests on web applications by (usually) first crawling through the entire web site that holds the web application, and then running specific security test cases wherever possible. All the tests are performed over the HTTP protocol. They are effective not only at finding attack incidents like cross-site scripting and SQL injection, but also at finding configuration management issues (related to web servers). These tools are usually not aimed at developers, which makes the mitigation process complex [10].
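The coverage gap described above can be seen in a small simulation. The following is an added example, not code from the paper: the toy application, its page names and both crawler functions are constructed for illustration, and the state-aware crawler assumes it can return the application to any state it has already observed.

```python
from collections import deque

# Constructed toy application (not from the paper): the links a page shows
# depend on the server-side state in which the page is rendered.
PAGES = {
    ("anon", "/"): ["/about", "/login"],
    ("anon", "/about"): ["/"],
    ("anon", "/logout"): ["/"],
    ("user", "/login"): ["/"],
    ("user", "/"): ["/about", "/account", "/logout"],
    ("user", "/about"): ["/"],
    ("user", "/account"): ["/account/edit"],
    ("user", "/account/edit"): ["/account"],
}
# Requests that change the application's state.
TRANSITIONS = {("anon", "/login"): "user", ("user", "/logout"): "anon"}

def request(state, page):
    """Simulate one HTTP request: return (new_state, links in the response)."""
    new_state = TRANSITIONS.get((state, page), state)
    return new_state, PAGES.get((new_state, page), [])

def classical_crawl(start="/", state="anon"):
    """Visit each URL once, ignoring that earlier requests changed the state."""
    seen, queue = {start}, deque([start])
    while queue:
        state, links = request(state, queue.popleft())
        for link in links:
            if link not in seen:
                seen.add(link)
                queue.append(link)
    return seen

def state_aware_crawl(start="/", state="anon"):
    """Use (state, URL) as the unit of coverage, so a URL is requested again
    whenever the application is in a state not yet seen for that URL."""
    seen, queue = {(state, start)}, deque([(state, start)])
    while queue:
        cur_state, page = queue.popleft()
        new_state, links = request(cur_state, page)
        for link in links:
            if (new_state, link) not in seen:
                seen.add((new_state, link))
                queue.append((new_state, link))
    return {page for _, page in seen}

def missed_pages():
    """Pages the classical crawl never reaches and therefore never tests."""
    return sorted(state_aware_crawl() - classical_crawl())
```

In this model the classical crawler marks "/" as visited before the login request changes the state, so the links that only appear after login are never enumerated or tested.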

 

2. Web Service Introduction

A Web service is a standardized way of establishing communication between two Web-based applications by using open standards over an internet protocol backbone. Generally, web applications work using HTTP and HTML, but web services work using HTTP and XML, which adds some advantages over web applications. HTTP is transfer independent and XML is data independent; the combination of both makes web services support a heterogeneous environment.

 


Volume -02, Issue -07 , July 2014.

 
