
iamadityamehta/Web-Application-Security-Assessment-Using-DVWA


🛡️ Vulnerability Assessment & Penetration Testing (VAPT) Project

📌 Overview

This repository presents a comprehensive Vulnerability Assessment and Penetration Testing (VAPT) project. It demonstrates a structured approach to identifying, analyzing, and mitigating security vulnerabilities within a target system using industry-standard tools and methodologies.


📌 Internship Context

This task was completed as a part of my Vulnerability Assessment and Penetration Testing (VAPT) Internship at Cyart Technologies in March 2026.


🎯 Objectives

  • Perform end-to-end security assessment
  • Identify vulnerabilities across multiple layers
  • Demonstrate real-world exploitation techniques
  • Provide effective remediation strategies

📍 Scope

  • Target: Web Application / Testing Environment
  • Testing Type: Black-box / Grey-box
  • Environment: Controlled and authorized setup

⚙️ Methodology

The assessment follows standard VAPT phases:

  1. 🔎 Reconnaissance
  2. 📡 Scanning & Enumeration
  3. 🧪 Vulnerability Analysis
  4. 💣 Exploitation
  5. 🔐 Post-Exploitation
  6. 📄 Reporting

🛠️ Tools Used

  • Nmap
  • Burp Suite
  • OpenVAS
  • Nikto
  • OWASP ZAP

📊 Key Findings

  • Multiple vulnerabilities identified (Low to High severity)
  • Successful demonstration of exploitation techniques
  • Detection of misconfigurations and insecure endpoints

🔑 Key Learnings

  • Chained vulnerabilities can significantly increase attack impact
  • Proper configuration of tools is critical for accurate results
  • Practical exposure to real-world attack methodologies
  • Importance of risk prioritization and structured reporting

⚠️ Challenges Faced

  • Tool configuration and setup issues
  • False positives in automated scanning tools
  • Limited scope and environment constraints

🛠️ Remediation

  • Implementation of input validation and sanitization
  • Strengthening authentication and session management
  • Secure server and application configurations
  • Regular vulnerability assessments and patch management

📌 Conclusion

This project highlights the importance of proactive security testing in modern systems. By following a structured VAPT methodology, it becomes possible to identify critical vulnerabilities, understand their impact, and apply effective remediation strategies to enhance overall system security.


⚠️ Disclaimer

This project is intended for educational purposes only. All testing activities were conducted in a controlled and authorized environment. Unauthorized testing on systems without permission is strictly prohibited.


👨‍💻 Author

Aditya Mehta
Cybersecurity Enthusiast

About

A practical cybersecurity assessment simulating real attack scenarios to uncover vulnerabilities and strengthen system defenses through structured VAPT methodology.
