A network based vulnerability scanner for detecting SQLI attacks in web applications

摘要

Today is the world of information era, where information is available on just our single click. Web applications are playing a magnificent role in this, every organizations are mapping their business from a room to the world with the help of these Web Apps. Web applications generally consist of a three tier architecture where database is in the third pole, which is the most valuable assets in any organization, as the adaptation of web applications are increases day by day, various attacks are possible against this. SQL injection is an attack in which an attacker directly compromises the database, that's why this is a most threatening attack. Various Vulnerability scanners has been proposed to deal with this, but none of them are able to detect SQLI completely, the existing tools have the accuracy ratio very less as well as they produce a high rate of false positive, apart from that all these tools take much time to scan. So here we are presenting a network based vulnerability scanner approach which provides a better coverage and with no false positive within a short span of time.