Performance-based Comparative Analysis of OpenSource Vulnerability Testing Tools for WebDatabase Applications

Abstract

In the last two decades, with the increase of in-formation communications technology, the cybersecurity threats to web-based data-bases have seen exponential growth. Though the web database resources are tested for possible cyber threat vulnerabilities, it is challenging to identify the security weak points and back-doors of web database and applications to achieve data confidentiality and integrity. The vulnerability testing tools are used to find specific vulnerabilities on software or applications. This paper studies, analyses and compares the open-source vulnerability testing tools, SQLMAP and JSQL, for web database applications. A set of dummy URLs are introduced to evaluate the penetrating ability of both tools, and an analysis is presented to aid the users to choose a suitable tool based on security requirements.