<![CDATA[Web application security is becoming increasingly critical amidst increasing cyber threats that can result in data leakage and other losses. This research aims to identify and exploit security vulnerabilities in a web application using two popular tools, OWASP ZAP and SQLMAP. OWASP ZAP is used to find various vulnerabilities such as Cross-Site Scripting (XSS) and insecure configuration, while SQLMAP is focused on the detection and exploitation of SQL Injection vulnerabilities. Through a series of automated scans and in-depth analysis, this research successfully identified several vulnerabilities with medium and low risk levels. The test results show that both tools are effective in identifying vulnerabilities, providing important insights into mitigation steps that need to be taken to improve web application security. This research also emphasizes the importance of input validation and sanitization, the use of parameterized queries, and security configuration updates as key mitigation measures. The findings are expected to contribute to improved security practices in web application development and reduce the risk against cyberattacks.]]>
Copyrights © 2024
