Abstract: Considering the perpetual need for security in network platforms, this study investigates various penetration testing tools in the abundance of options when it comes to network security. This study presents the experimental run results of select penetration testing tools on deliberately vulnerable network traffic, as well as the comparison of those tools. We test three vulnerability assessment tools: ZAP, Vega and Arachni as part of this research in the hope to provide current and practical data for the research community in the network security field. Our choice of vulnerability testing tools is based on the following criteria: being current, usability, reliability (stability), and performance w.r.t speed. Our results demonstrate that each vulnerability assessment tool depicts its own advantages and disadvantages by being better at one or more criteria than the others, but not prevailing in all. This, in turn, suggests that choosing a penetration tool to employ for testing the vulnerability web applications is a challenging decision that should consider multiple parameters, rather than being merely straightforward.
Download this article: JISAR - V16 N2 Page 54.pdf
Recommended Citation: Garcia, S., Abraham, A., Kepic, K., Cankaya, E., (2023). A Comparative Analysis of Web Application Vulnerability Tools. Journal of Information Systems Applied Research16(2) pp 54-60. http://JISAR.org/2023-2/ ISSN : 1946 - 1836. A preliminary version appears in The Proceedings of CONISAR 2022