Skip to content

Venkat-Kolasani/WebGuard

BranchesTags

Repository files navigation

WebGuard - Web Application Vulnerability Scanner

WebGuard is a comprehensive web application vulnerability scanner designed to detect security vulnerabilities in web applications, including SQL injection and Cross-Site Scripting (XSS) vulnerabilities.

Features

  • SQL Injection Detection: Identifies various types of SQL injection vulnerabilities, including error-based, time-based, and authentication bypass.
  • XSS Scanning: Detects reflected, stored, and DOM-based Cross-Site Scripting vulnerabilities.
  • Detailed Reports: Generates comprehensive reports with vulnerability details, severity ratings, and remediation recommendations.
  • PDF Export: Export scan results as PDF documents for sharing and documentation.
  • Vulnerability Test Pages: Includes test pages with intentional vulnerabilities for demonstration and testing purposes.

Installation

  1. Clone the repository:

    git clone https://github.com/Venkat-Kolasani/WebGaurd.git

  2. Set up a web server with PHP and MySQL support (e.g., XAMPP, WAMP, or MAMP).

  3. Import the database schema from the setup_database.sql file.

  4. Configure the database connection in config/db_config.php.

  5. Access the application through your web server.

Usage

  1. Start a New Scan: Enter the target URL and select the vulnerability types to scan for.
  2. View Scan Progress: Monitor the progress of the scan in real-time.
  3. Review Results: Examine detailed information about detected vulnerabilities, including severity, affected parameters, and remediation steps.
  4. Export Reports: Export scan results as PDF documents for documentation and sharing.

Test Pages

The application includes vulnerable test pages to demonstrate the scanner's capabilities:

  • SQL Injection Test Page: Contains vulnerable forms and parameters susceptible to SQL injection attacks.
  • XSS Test Page: Demonstrates various types of Cross-Site Scripting vulnerabilities.

These pages are located in the vulnerable_test_pages directory and can be used to validate the scanner's detection capabilities.

Security Notice

The vulnerable test pages included in this project contain intentional security vulnerabilities for demonstration purposes. Do not deploy these pages in a production environment.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Acknowledgments

  • Built as part of a web development project.
  • Inspired by professional vulnerability scanning tools and security best practices.

About

A basic Vulnerability Scanner using PHP,JavaScript,CSS,Bootstrap and mySQL

Topics

javascript mysql css php html5 bootstrap5

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages