Scanning of Web-Applications: Algorithms and Software for Search of Vulnerabilities "Code Injection" and "Insecure Design".

The work is dedicated to the analysis of algorithms and software tools for scanning web applications with the aim of detecting vulnerabilities according to OWASP top 10. Incorrect or insecure programming can lead to the emergence of vulnerabilities that can be exploited by malicious actors to gain unauthorized access to data or render applications inoperable, thereby violating confidentiality, integrity, and availability. The main objective of this research is to analyze existing algorithms and software capable of automatically scanning web applications for vulnerabilities such as “code injection” and “insecure design”. The work presents an overview of existing vulnerabilities in web applications, specifically “code injection” and “insecure design”, as well as describing the main approaches and methods used for their detection. Subsequently, scanning algorithms based on the identified approaches and methods are developed and discussed their implementation.