PSG POLYTECHNIC COLLEGE

DEPARTMENT OF INFORMATION TECHNOLOGY

(Autonomous and an ISO 9001: 2015 certified Institution)
COIMBATORE – 641 004

MINI PROJECT

COURSE NAME : CRYPTOGRAPHY AND INFORMATION SECURITY

LABORATORY

COURSECODE : I21651

REGULATION 2021

SEMESTER : VI SEM-EVEN

ACADEMIC YEAR : 2021-2024

NAME: ……………………………………………………………………………………………

ROLL NUMBER : ………………………………………………………………………………..

 Objective:

Analysis the Security Vulnerabilities of E-commerce services using appropriate web analysis
tools.Procedure:

1. Nikto: Nikto is an open-source web scanner that performs

comprehensive tests against web servers for various vulnerabilities,
including outdated software versions, misconfigurations, and
known security issues.
2. OWASP ZAP (Zed Attack Proxy): OWASP ZAP is a widely-used
security tool for finding security vulnerabilities in web applications.
It can be used to perform automated scans, intercept and modify
HTTP requests, and identify common web application
vulnerabilities such as SQL injection, cross-site scripting (XSS), and
insecure direct object references (IDOR).
3. Burp Suite: Burp Suite is a powerful web application security
testing toolkit that includes various tools for web vulnerability
scanning, testing, and exploitation. It offers features like web
vulnerability scanning, session management, and manual testing
capabilities.
4. Acunetix: Acunetix is a web vulnerability scanner that can
automatically scan websites and web applications for common
vulnerabilities such as SQL injection, cross-site scripting (XSS), and
insecure server configurations.
5. Metasploit: Metasploit is a penetration testing framework that
includes a wide range of exploits, payloads, and auxiliary modules
for testing and exploiting web application vulnerabilities. It can be
used to simulate real-world attacks and assess the security posture
of web applications.
Output:
Conclusion

Thus Analysis the Security Vulnerabilities of E-commerce services using

appropriate web analysis tools.