Proceedings of The 2nd World Conference on Engineering and Technology
Web Security Vulnerability Analysis of Ethiopian Government Offices
Tliahun Ejigu Belay
This research focused on detailed analysis of Ethiopian governmental office server side and client side “Web Security Vulnerability Analysis of Ethiopian Government Offices”. The purpose of this assessment is to discover weak links (vulnerabilities) and provide recommendations and guidelines to vulnerable entities found in its web application. however, choose to qualitatively assess impact and probability explicitly. For each term has been assign high, medium, or low vulnerability. A simple matrix is developed to estimate overall exposure. Vulnerability analysis is a series of activities undertaken to identify the weaknesses and holes to exploit security vulnerabilities. It helps to confirm the effectiveness of the security measures that have been analyzed. The methodology of vulnerability analysis includes three phases: test preparation, conducting test and test result analysis. Each of them involves a series of further steps and tasks. This report further illustrates how to apply this methodology to conduct vulnerability analysis on ten (10) sample governmental office web applications, finally the result of the research shows all the possible number of Vulnerabilities rate and system weakness perspective attack of governmental office network asset vulnerability analysis finding results of both approaches based on Vulnerability impact rate or risk level and system technology weakness or attack perspective by using black box testing.
keywords: Vulnerability Analysis, Security Testing, Vulnerability Assessment, Penetration Testing, Web Application Penetration Testing.