In a world increasingly dependent on technology and in an era where connectivity is omnipresent, Web applications have become an essential part of our everyday life. The evolution of these applications, combined with the exponential increase in the number of users, has brought with it not only convenience but also significant challenges in terms of security. Ensuring the security of Web applications and their data is increasingly a priority for companies, although many companies lack the know-how, time, and money to do so. This research project studied and developed a system with the aim of automating the process of detecting vulnerabilities in Web applications by exploiting the benefits of the interoperability of the two forms of automation of the tool selected to carry out this analysis. The developed solution is low-cost and requires very little user intervention. In order to validate and evaluate the developed platform, experiments were carried out on applications with different types of vulnerabilities known in advance and on real applications. It is essential to guarantee the security of Web applications, and the developed system proved capable of automating the detection of vulnerability risks and returning the results in a relatively simple way for the user.

We would like to thank Iscte-Instituto Universitário de Lisboa and ISTAR for providing some resources to perform this research.

Web application,Vulnerability,Security,Scanner,Automation,Detection

• Ciências da Computação e da Informação - Ciências Naturais
• Engenharia Eletrotécnica, Eletrónica e Informática - Engenharia e Tecnologia