EPrints Logo

FINAL YEAR PROJECT REPORT [FYP] - WEB VULNERABILITY SCANNER: CT206: AUG 2025

NUR IZZAH AKMAL, MOHD RESTU (2025) FINAL YEAR PROJECT REPORT [FYP] - WEB VULNERABILITY SCANNER: CT206: AUG 2025. Project Report. UPTM.

[img] Text
FYP4085_REPORT_NUR IZZAH AKMAL BT MOHD RESTU(AM231101527).pdf
Download (13MB)

Abstract

The goal of this project is to develop a Web Vulnerability Scanner to help users automatically and easily detect security vulnerabilities in websites. SQL Injection, XSS, poor server configuration and missing security headers are some of the attacks that constantly threaten web applications. Manually checking for these issues is not possible for many users, especially small companies, who do not have the tools or skills to do so. To address this, the system will allow users to enter a URL, and the scanner will scan the entire system with trusted tools such as OWASP ZAP and Nikto that scan for both application level and server level vulnerabilities. The system is built on the Flask web framework with the help of Celery and Redis to implement background scanning functionality to ensure that the system does not slow down. The scan is processed in the background when the user initiates the scan, so that the interface can be responsive. All scan findings are stored in a central database (SQLite), and users have the option to view them in a clean dashboard summary of Critical, High, Medium, and Low risks. Other important features included in the platform are the ability to log in with OTP (One Time Password), user and administrator role-based access control, deep scan requests, scan history, and PDF report generation which makes the system more secure and professional. A User Acceptance Testing (UAT) session was conducted to make it usable and effective. The interface was reviewed by users, the scanning process was tested, and the clarity of the results was assessed. Most users reviewed the system was user-friendly, and the features were up to standard in terms of cybersecurity. According to the feedback provided by users, it was found that the tool needs to be improved by adding better names to vulnerability, more clearly displayed scan information, and perhaps future features that integrate with search engines. Overall, the final product has successfully demonstrated the effectiveness of automated scanning as an instrument to provide users with the opportunity to identify risks in a timely manner, improve website security, and foster learning and awareness about cybersecurity.

Item Type: Monograph (Project Report)
Uncontrolled Keywords: WEB VULNERABILITY SCANNER, CT206
Divisions: Faculty of Computing and Multimedia (FCOM)
Depositing User: Library3 UPTM
Date Deposited: 20 May 2026 08:29
Last Modified: 20 May 2026 08:29
URI: http://eprints.uptm.edu.my/id/eprint/5624

Actions (login required)

View Item View Item