Page 34 - info_oct_2021_draft13
P. 34

In Focus                          Comprehensive Security                               Detecting Web Infra
                         AVART                 Assessment                Web Shells              Vulnerabilities






          Automated

          Vulnerability Analysis &




          Reporting Tool






          Detecting most common vulnerabilities efficiently





             VART (Automated Vulnerability Analysis and  Web applications are frequent targets of cyber-attacks. To defend against
             Reporting Tool) is a DAST (Dynamic Analysis
          Aand Security Testing) Tool developed   such attacks, it is imperative to patch vulnerabilities present in a web
          to automate the process of vulnerability   application and hence vulnerability analysis is an important part of web
          assessment and analysis of large number of web
          applications and thereby reduce the time and  application security. Manually analyzing a medium to large-sized web
          manual effort required. An easy to use web based   application is a time-consuming and error-prone process due to the
          interface along with a dashboard was a primary
          requirement of the tool to make it possible for  presence of many components. A tool that can automatically analyze and
          users with all minimal knowledge of application   report vulnerabilities in a web application can reduce the effort needed for
          security to use the application. The user interface
          of the application is shown in figure 1 through 3.  vulnerability analysis, thereby enabling web application owners to fix and
                                             patch the vulnerabilities before they can be exploited. AVART (Automated
          Features of the application        Vulnerability Analysis  and  Reporting Tool)  is  such  a  tool  that  comprises
            The application was designed for vulnerability
          analysis of production web applications. To  automated vulnerability analysis of web applications and a dashboard for
          prevent damage to production web applications,   reporting. AVART can detect most common web application issues in a fast
          the  application  does  not  perform  high  risk
          vulnerability  analysis  including  injection  and efficient manner.
          attacks. The application provides the following
          features for testing common web applications
          vulnerabilities.                      Dashboard










                         Tasiruddin Ahmed
                         Scientist-F
                         asm-tasir@nic.in






                         Bronjon Gogoi
                         Scientist-C
                         asm-bronjon@nic.in



          34  informatics.nic.in  October 2021
                           October 2021
          34 informatics.nic.in
   29   30   31   32   33   34   35   36   37   38   39