OWASP ZAP vs Snort for SQLi Vulnerability Scanning

Author

Christopher Kalaani, Georgia Southern UniversityFollow

Term of Award

Spring 2023

Degree Name

Master of Science, Information Technology

Document Type and Release Option

Thesis (open access)

Copyright Statement / License for Reuse

This work is licensed under a Creative Commons Attribution 4.0 License.

Department

Department of Information Technology

Committee Chair

Lei Chen

Committee Member 1

Chris Kadlec

Committee Member 2

Yiming Ji

Abstract

Web applications are important to protect from threats that will compromise sensitive information. Web vulnerability scanners are a prominent tool for this purpose, as they can be utilized to find vulnerabilities in a web application to be rectified. Two popular open-source tools were compared head-to-head, OWASP ZAP and Snort. The performance metrics evaluated were SQLi attacks detected, false positives, false negatives, processing time, and memory usage. OWASP ZAP yielded fewer false positives and had less processing time. Snort used significantly fewer memory resources. The internal workings of ZAP’s Active Scan feature and Snort’s implementation of the Boyer-Moore and Aho-Corasick algorithms were identified as the main processes responsible for the results. Based on the research, a set of future working recommendations were proposed to improve web vulnerability scanning methods.

Recommended Citation

Kalaani, Christopher, "OWASP ZAP vs Snort for SQLi Vulnerability Scanning" (2023). Electronic Theses and Dissertations. 2600.
https://digitalcommons.georgiasouthern.edu/etd/2600

Research Data and Supplementary Material

No