Current Volume 10
The importance of Web Application Security grows daily as more organizations are threatened and attacked by cyber criminals. With the growing threat from cyber criminals, performing security testing to identify vulnerabilities in web systems is critical. Of all security testing techniques, fuzz testing is perhaps the best technique available today. Fuzz testing involves injecting input into a target application, including mal- formed, unexpected, or random data to see how it reacts when it receives bad data. In the case of web applications, fuzz testing is done by sending numerous HTTP requests (each request contains different forms of crafted or invalid data) to a web server to measure the response generated by the server. This study will create an Automated Web Application Fuzzer which will be integrated with Jenkins so that continuous security testing of Web Applications can occur. Test cases were created using known security vulnerabilities within web applications. Testing revealed that the automation tool found vulnerabilities in thirteen (13) out of fifteen (15) test cases. Therefore, testing reveals that the majority of web vulnerabilities can be easily identified simply by reviewing the content of HTTP responses, thereby validating the effectiveness of the proposed auto- mated web application fuzzing methodology
Web Application Security, Fuzz Testing, Automated Vulnerability Detection, HTTP Request Testing
IRE Journals:
Ritik Dhankhar, Ajay Sharma, Shakti Arora "A Web-Based Automated Fuzzing Tool for Web Applications" Iconic Research And Engineering Journals Volume 9 Issue 1 2025 Page 2235-2243 https://doi.org/10.64388/IREV9I1-1718982
IEEE:
Ritik Dhankhar, Ajay Sharma, Shakti Arora
"A Web-Based Automated Fuzzing Tool for Web Applications" Iconic Research And Engineering Journals, 9(1) https://doi.org/10.64388/IREV9I1-1718982