TO AUTOMATE SECURITY TESTING OF WEB APPLICATIONS BY USING MACHINE LEARNING

Abstract

To automate the security testing of the web applications just by using the Machine Learning tool in web application which assesses the security and vulnerabilities found in the web application and aiso produces group of some scanned results. Both the administrators and the scammers and the exploiters can aiso use some equivalent tool for the fixing or the exploiting of system, and administrators will really get to conduct scanned and the fixed problems before attacker does same scan and then exploit any vulnerability be found because of the web applications which are typically being developed with the hard time constraints which are often being deployed with some security vulnerabilities. The web scanners can also help in locating these vulnerabilities and their purpose to worry on appliance from attacker's view by issuing huge amount of interaction within it. The two widely dangerous vulnerabilities in the websites are the SQL injections being listed by the Open Web Application Security Project (OWASP) and the cross site scripting, in due of damage that they will cause to victim business and the located and also another vulnerability like the Cross site request forgery. In order to adapt to the difficulties, it is imperative to add security counter and measures in the website scanning, e.g, web crawler in order to diminish dangers of the vulnerabilities. The advance features which triggers use of the web application which are being given by the technologies and the architecture of the web applications with recognition of the forums, the web services and the blogging, the attackers also started about taking interest in the web applications. This joint effort of the researchers which is also utilized in the numerous speculation and layers is the establishment of the reason for the vulnerability in the websites. Numbers of the revealed website insecurities being expanded quickly. The loop holes and the bug also exists on online platforms which can also be misused by programmer and are referred to website vulnerability. Our project proposes method in order to evaluate web vulnerability scanners for the most used types of the online vulnerability are being injected in web application’s code which then being checked by scanners.