The Study on Assessment of Security Web Applications

maah37@qu.edu.sa Abstract— Nowadays, technology has an important role of our life, including smart devices, social media due to the importance of security and web for interaction so it has become targeted it by cybercriminal. The growing threat of cybersecurity has prompted the kingdom to pay more attention to its national cybersecurity strategy as the state embarks on a Vision 2030 plan, which aims to diversify the economy and create new jobs. Therefore, Web Applications are always having security threats, which considered as a big problem. Several steps introduced successful analysis of vulnerabilities in web applications. There are now no effective and simple-to-use techniques available for evaluating the security of such apps. This creates a window of opportunity for hackers to launch a successful assault. In this paper, we propose an efficient approach for assessing vulnerability that is based on the Python programming language. which can used to conduct Vulnerability Assessment on web applications. This work will be use-ful for organizations and programmers to keep their information and applications more secure and viable for usage in sensitive


Introduction
This Since the beginning of the web in 1989 and expansion of the internet widely to facilitate life fields such as education, health, transportation, and national security and so many fields but with ease-of-use technology, the security issues come with it. Unauthorized access to web application and manipulate it causes a lot of financial damage and destroys infrastructure, which leads to economic paralysis and threatens public security. Recently security became major factor in our life for every individual, or organization and governments, and security is how to protect your information against any attack or threats. Protection done by detecting threats and try to prevent those threats from affecting the system [1]. There are many types of security and we will focus on information Technology security as in Figure 1 [2].
Weak security can cause many major troubles such as confidential data is compromised, negative public image, financial losses and legal issues, so there is no organization can operate and success with weak security. For many years, Saudi Arabia suffered continuous of numerous cyber-attacks on its infrastructure systems, which cause losses The term web application refers to a software that uses web browsers to carry out activities via the web. Web application uses ASP and PHP for store the information and uses HTML languages and JavaScript for displaying the information to the client. As result of importance of the data, the number of attacks has increased and hackers, target web application and that cause several vulnerabilities. Foreign statistics indicated that the cost of cybercrime in the Kingdom amounted to $ 2.6 billion, while the percentage of attacks on Saudi companies reached 69% [4].
Vulnerability assessment is performing a technique to find the security defects and it can be done by manual or automatic search techniques. Vulnerability assessments can target multiple technology layers such as internet layers [5]. The problem started since the emergence of the way of communication though the web application. Vulnerabilities one of the problems that may cause harm to our system for the user and because of the simplicity of the http which using in email so that anyone can communicate with anyone just by having an email. Application layer uses Hypertext Transfer Protocol to disseminate and cooperate hypermedia information systems, while Transport Layer Security encrypts the connection [6]. Even if the connection is encrypted, these tools fail horribly when evaluating HTTPS web apps. It is easy to case hard user and this the pave way for hackers to easily to attack. Therefore, our framework is easily an efficient method about security assessment using python language on web applications to find a best solution and practices to be protected, which make the economy saved and creates jobs. This paper is organized as follows: Section 1 presents an introduction to security of application. Section 2 the related work and techniques. Section 3 reviews some discussions about types of vulnerability scanners, feedback and solutions. Section 4 presents the conclusion and future work.

Related concepts and techniques
This part presents the related concepts and techniques used in security assessment of web applications. In addition, we define and explain what assessment methods are and how they work.

History of vulnerability scanning
In the late 90s and early 2000s, the first vulnerability scanners were released. In comparison to the present day, there were not many dangers in those days. In the year 2000, for example, 1,020 vulnerabilities were discovered. In comparison, 2018 saw a whopping 16,555 vulnerabilities discovered.
The scanning and processing in those days was largely manual, with the survey program reporting on the weaknesses found that need to be analyzed to confirm their accuracy and validity by someone in the IT department.
The report would be sent to IT department heads for review and approval. Then once approved system officials will address security vulnerabilities and follow up another scan of security gaps to verify the results. The number of threats has gradually risen over the last decade, with 4,652 new vulnerabilities identified in 2010 and 6,447 new threats revealed in 2016. However, beginning in 2017, there was an uptick in threats that continued until 2019 [7].

Concept and definitions
The effective examination of web application vulnerabilities has been introduced in various stages throughout the years. Authentication, session management, authorization, cryptographic data validation, denial-of-service attacks, specific risk functionality, and error handling are among them. [8].
An application's security risk assessment finds, assesses, and applies critical security controls. It also focuses on avoiding faults and vulnerabilities in mobile apps. An company may use a risk assessment to examine the whole program from the attacker's point of view.
It provides assistance to managers in making security-related choices. As a result, directing an evaluation is a delicate part of the organization's risk management process to navigate.
Developing an effective security risk assessment methodology involves four stages. [9]: 1. Identification: Determine the technological infrastructure's key assets. Following that, diagnose critical data that these assets generate, store, or transfer. Create an individual risk profile for each. 2. Assessment: Managing a process for evaluating the particular security threats associated with critical assets. Following assessment, choose the most effective and efficient way to devote time and resources to mitigating risks. The strategy or methodology used to conduct the assessment should examine the connection between vulnerabilities, threats, assets, and mitigating controls. 3. Mitigation: Define a risk mitigation strategy and put in place security measures for each one. 4. Prevention: Implement tools and procedures to help prevent threats and weaknesses in your firm's resources from occurring.
HTTPS (Hypertext Transfer Protocol over Secure Sockets Layer) was a game changer in the area of online security. Since its debut, an increasing number of businesses have migrated to HTTPS web servers, with search engine behemoths like Google publicly saying that they give a substantial advantage to websites that use HTTPS during searches. Although SSL is supposed to be highly safe, it has been shown to have many hidden weaknesses. Figure 2 shows a comprehensive security assessment. The architecture structure of web applications determines interactions between applications, intermediate software databases, and systems to confirm that multiple applications can execute together. Clicking on "Transition" after typing in the URL causes the browser to locate and request this particular page from the website's Internet-facing machine. Upon receiving a response from the server, the browser is then sent files from the server. These files are then executed by the browser to display the requested page for the user. The user may now engage with the website directly. All of this happens in a matter of seconds, of course. Figure 3 shows what might happen if people didn't care about websites. You have the server and the client when dealing with web applications. There are really two applications operating at the same time. [10,11]: • The code that runs on the user's computer and reacts to commands sent by the browser. • The server-side code that responds to HTTP requests.

Previous studies & related works
End-user secure online application services, which are increasingly the main issue of each industry, are the focus of sustainable security. A research involving four thousand professionals was conducted by the Global Executive Report on Sustainability. The attitude of constantly forcing them to implement security models for readily accessible online apps was agreed with by 48 percent of respondents. Web application security is often overlooked, according to survey participants, despite the fact that security at the design stage is essential. Most security professionals rely on simple network engineering and flimsy frameworks, which have a negative impact on long-term viability. Indeed, the impact of sustainability on design elements must be assessed. [12]. Table 1 summaries some of Vulnerability Assessment Tools in Previous Studies for Web Applications. Help a penetration tester to achieve the rigorous vulnerability assessment tests that can cover the most of the vulnerabilities.
1-Selecting a set of tools in an optimized and organized way. Proposed testing phases -"Identify", "Analyze", "Test", and "Report". 2-Combination of diversified tools, such as W3AF and Nikto used as a demonstrator.
If the vulnerability test is conducted by only one tool, it may not be possible to investigate all the vulnerabilities.
It can be used in hotel accommodation web application also; hotel websites are also too vulnerable.
Observed vulnerability after testing, solved this vulnerability and further a framework is presented which enhances the security of this proposed framework.
In the financial industry, there are more problems, as well as organizations and customer sensitive and private data. Both XSS and CSRF attacks are very common, and both of these attacks are implemented through breaching the users' confidence in the applications and services that they rely upon on a daily basis.
1-XSS 2-CSRF [18] We classify the related work according to Vulnerability consider it as the following: 1-Injection vulnerabilities [19]: Occur when an attacker targets databases or directories linked to your web applications with unfiltered, often dangerous data. Typically, injection attacks are carried out in one of two ways. SQL injection's original application is to target your databases. Second, to compromise routes, LDAP injection is utilized.
The Effects: Injection attacks exploit weaknesses by exploiting input fields that connect with directories and databases. Usernames, passwords, and other places that interact with the target are among them. When a database or directory is being developed, these fields are often left exposed owing to the absence of an input filter.
The Solution: There are many methods in which we may assist in preventing injection attacks. The greatest protection is to add filters to your inputs. With SQL databases, we may begin by utilizing prepared statements, which assist protect against attackers altering queries. Second, using LDAP injections, we may utilize protocols as escape variables to prevent the directory from being manipulated by characters used in injection attempts.
2-Broken Authentication [20]: Authentication enables applications to identify and verify their users. As a consequence, deactivated authentication may enable attackers to get access to and acquire the same rights as the target user, resulting in significant security holes in the online application. Issues with authentication may allow attackers unfettered access to your data and cause havoc with your online application.
The Effects: Authentication flaws may include poorly hashed and salted passwords, data breaches involving user accounts, incorrectly configured timeouts, brute force attacks, or common password stuffing attacks such as password1 or admin1234.
The Solution: It's possible to protect your web application against authentication flaws with a simple patch. Multi-factor authentication may assist in confirming that the person is who they say they are. Creating strong passwords and updating them on a regular basis may help you avoid common password mistakes. Finally, by correctly setting password security and timeouts in your database, you may avoid authentication problems.

3-Sensitive Data Exposure [21]
: Sensitive data is transmitted or kept without encryption or other security measures, making data susceptible to a variety of assaults.
The Effects: Data that isn't password-protected may be accessed in two ways. It is possible to steal data packets while they are being sent between a user and a client using techniques such as a man-in-the-middle attack. In addition, stored data, even if it is more complicated, may be exposed if encryption keys are stored with it, or if the salt/hash is poor.
The Solution: Preventing sensitive data leakage is critical to app security. Due to data vulnerabilities in transit, HTTPS, and PFS, ciphers must be used for incoming data. Deactivating sensitive data caching is another method to safeguard data. Removing obsolete or unwanted data reduces coverage. No data, no risk.

4-Missing Function Level Access Control [20]:
When server-side authorisation is incorrect, faulty, or not present, vulnerabilities may arise, which can expose your backend to malicious attacks and compromise your security.
The Effects: Front-end UIs built with components to allow administrators access to data or other critical app parts are often the target of these assaults. Most users will not be able to view the admin function in this scenario, but those searching for flaws will be able to discover and exploit this vulnerability with malicious queries.
The Solution: Fixing this problem is straightforward. All server-side authentication must be enabled and set in order to prevent unauthorized access from occurring.

5-Security Misconfiguration [21]
: Web applications are often misconfigured, exposing attackers to a slew of flaws Non-patched faults, unused pages, obsolete software, and debug mode running may all lead to security misconfigurations.
The Effects: Misconfigurations in your web security may have an impact on every element of your apps. When a configuration error is discovered, a security audit must be performed to look for any attacks or security breaches.
The Solution: Avoiding security configuration flaws is a straightforward process. A deployment protocol may be used to constantly create and distribute updates within a safe environment, or a segmented application design can assist prevent security vulnerabilities from arising. Automatic deployment will help keep your apps up to date and protect you from cyber threats, among other benefits.
6-Cross-Site Scripting (XSS) [22]: Cross-site scripting is a method of attacking a user's web browser by injecting malicious code into seemingly harmless websites. The code will be entered by an attacker via a link, which will entice the user into clicking on the link and running the code in question. Users' camera, location, and other personal data and functionalities are accessible by attackers who utilize JavaScript to exploit XSS vulnerabilities in Java.
The Effects: Unsanitized input is prone to XSS. Aside from stealing cookies, XSS may enable attackers to obtain browsing history and other data.
The Solution: Sanitizing input is the best solution to XSS problems. Python, one of the most generally recognized and extensively used programming languages in 2021, is used to develop a broad range of software, including online applications, video tools, desktop programs, network servers, and machine learning. As a result of this new technology, libraries will have better access to controls and integration. The top programming languages for 2021 are summarized in the IEEE spectrum. The following list of programming languages has been compiled based on the most widely used ones.

Discussion
The analysis involves studying the currently available models to lead us to a new model without making the same mistakes, Depending on the analysis of the current models and user requirements. In this section, we analyze the user requirements by collecting data and then we design and develop our model based on an appropriate methodology.

Types of vulnerability scanners
Vulnerability scanners for web apps that are automated are among the most well-known and highly rated vulnerability scanners available (all of them support HTTP only) as: 1. Net Nirikshak 1.0: is a powerful tool for assessing a company's security posture and spotting potential security flaws before they happen. Since it's fully automated and gives the User/Tester an Interactive window, using it is faster and easier while maintaining high levels of Accuracy. It also performs all security auditing procedures in one go, so the tester doesn't have to search for additional tools to round out the job at hand. … read more It comprises five stages: information gathering, scanning, vulnerability detection, exploitation, and report generation. The information gathering stage is the first step [23].

2.
Samurai framework: is a collection of very strong facilities, each of which targets a distinct set of vulnerabilities. Comes as a Linux distro with the sole purpose of testing browser-based vulnerabilities. It also includes penetration-testing tools like as WebScarab for setting HTTP and W3AF for app-based assaults [8]. 3. Safe3 scanner: is capable of dealing with HTTP sessions as well as cookies. Safe3 scanners are capable of dealing with virtually any form of authentication. It has a scary web feature that ignores repeated page scans while still detecting JavaScript gaps on the client's end. Safe3 scans also identify the potential of the most recent AJAX-based assaults and even identify script libraries that are at danger. A simple to use visual user interface allows you to create professional-looking management reports in minutes [8].

Websecurify:
If there is a big web farm with a team of engineers or a comparable environment that maintains code, may traverse the code and identify such gaps fast. It is one of the few platform-agnostic tools that also enables mobile coding [24]. 5. SQLmap: is capable of altering not just SQL-injection errors, but also the database server. Because it is task-oriented, it works fast for fingerprint databases, platform files, and operating system information, and ultimately fetches data from the server. It is compatible with almost all well-known database engines and is capable of performing password guessing attacks [25].
It's clear that the well-known tools for testing web apps for vulnerabilities listed above only support HTTP. There is a pressing need for a new, user-friendly tool for evaluating HTTPS web applications for security flaws. This project aims at development of such a tool, which would form a basis of solving some of the issues faced by HTTPS web applications [26][27][28][29].

Feedback and statistics
In this section, we measured the public awareness of the thread of web application attack to help us identify the extent of people understanding and how to deal with these issues, which includes the most of the responses from beginners and intermediate with almost the same percentage. To collect the data that helps this study, a questionnaire was used to find out how much users know about challenges of security in web application. It has 85 responses collected by google form, which included thirteen specialized questions as in Figure 4. 3) Injection, sensitive data and using components have the most results as common vulnerabilities than others. 4) More than 25% have been attacked through the internet most of them have been asked for their credit card according to their assessment. 5) Viruses get the highest percentage responses of the experienced attack. 6) Steal my important data, damage my system, observe my actions and activities, control my system by a remote attacker, weaken my protection system last Slow down the Internet connection have been sorted respectively by the response as attack effect. 7) 32% described the treatment cases of the affected system as difficult.
8) The main point in system protection against attacks shows that 20.8% of users do not used protection software on their systems. 9) The following responses in Figure 5 measure the affected factors of the assessment. 10) More than a half agree with that the current government is strong enough to protect their privacy from illegal tools as in Figure 6.

Solution & recommendation
To create dependable and resilient web applications, we must evaluate the security that allows us to monitor, analyze, and quantify application behavior in the face of a variety of defects and assaults. In this article, we presented a scanning tool (a Python-based automated tool) for analyzing and assessing the vulnerabilities of online applications in real time. It is an online system, which simulates an institution environment. This scanner allows us to determine how attacks and crashes affect web applications, detect attack points, and examine how important it is for web app components to behave during an attack or system error as shown in Figure 7.
The study contains multi pages and databases. HTML and CSS will be used in the presentation layer (Front end) whereas PHP will be used in the backend. For the database, MySQL will be used and few code snippets of JavaScript were used for some client-side validations. We had divided our work in to four pieces. Front End Development, Back End Development, Database Connections and Operations and Hacking Attacks. After determining requirements, so the data flow will represent steps as shown in the Figure 8.
The tool contains 4 phases as the following:

1) Planning:
This phase consisted of all activities that we needed to be performed before the actual vulnerability assessment. 2) Information Gathering: we will gathering information about the specific websites, which will be helpful in the finding of vulnerabilities.

3) Vulnerability Assessment: Includes Port Scanning, Certificate Verification and
Vulnerability Detection. 4) Report Generation: This is the last phase of the working of the tool. On completing the vulnerability analysis, a report is generated in the form of a text file containing all the necessary details of the Assessment.

Conclusion and future work
In this solution model we learned the hacking attacks firstly, then looked for the previous work, searched for assessment tools. This paper discussed the security web application assessment approach for user review classification. The broad implications of this categorization will assist both industry websites and general users in displaying reviews more efficiently and making decisions when they have access to them. Other categories will be dealt with in the future, as well as a deeper analysis of the data in the form of graphs to be implemented.