Measuring Vulnerabilities of Bangladeshi Websites

Abstract

No web application is without the risk of exploits and fully infallible. Even so, web services have been integrated into our daily lives in such a way that we have been accustomed to sharing huge personal information on the web. Within this setting, the aim of this study is to show a method to detect maximum vulnerabilities of web-applications at minimum cost and effort. Using the penetration testing and source code analysis mechanisms, representing the black box and white box testing respectively, we have evaluated the vulnerabilities of selected websites of Bangladesh against a set of most common and prevalent attack vectors. Then, we have presented the vulnerability status of the websites in different graphical formats. The result shows that 64% of the selected web applications in Bangladesh are running with the vulnerabilities and specifically, government websites are in a critical state.