Comparison of the effectiveness of tools for testing the security of web applications
Article Sidebar
Open full text
Issue Vol. 34 (2025)
-
Impact of metrics on the effectiveness of Kohonen network clustering
1-7
-
Analysis of object recognition systems using augmented reality glasses
8-13
-
Comparative analysis of selected data recovery software
14-20
-
Usability analysis of graphic user interfaces for Internet forums with consideration for Universal Design Principles
21-28
-
Ergonomic analysis of book web services’ interfaces
29-35
-
Comparison of the effectiveness of tools for testing the security of web applications
36-43
-
Comparative analysis of the performance of relational and non-relational databases in applications implemented in C#
44-53
-
Analysis of performance and energy efficiency of processors with hybrid architecture
54-59
-
Analysis of user identification methods in web browsers
60-67
-
Multi-aspect comparative analysis of JavaScript programming frameworks – React.js and Solid.js
68-75
-
Realization and discussion of selected artificial intelligence algorithms in computer games
76-80
-
Comparative analysis of selected aspects of web application architectures
81-88
-
Evaluation of deep learning models for flood forecasting in Bangladesh
89-97
-
Optical character recognition for ancient scripts: a case study on Syloti Nagri using deep learning models
98-107
-
Design of a non-human proctoring and authentication system for mobile phone-based online examination
108-112
Main Article Content
DOI
Authors
Abstract
This article presents a comparative analysis of the effectiveness of three web application security scanners: ZAP, Wapiti, and Skipfish. Automated scanning was conducted on deliberately unsecured applications, followed by an analysis of the detected vulnerabilities. The results were presented in the form of comparative tables and graphs illustrating the number and types of detected threats. The analysis showed that ZAP detected the most vulnerabilities, particularly in low-risk categories, Skipfish excelled in identifying specific threats, while Wapiti was effective in finding simple vulnerabilities. The study demonstrated the need to combine different scanners and supplement them with manual tests for a comprehensive assessment of web application security.
