An Intelligent and Automated WCMS Vulnerability-Discovery Tool: The Current State of the Web

The main focus of the cyber-security community has been to make operating systems and communication networks more secure and harder for attackers to penetrate. This also applies to all the applications on the Internet. The most frequently used web application and user pages are today developed with the Web Content Management System (WCMS), as it allows user-friendly access, easy development and operation. WCMSs are present all over the world in many different environments. Any malware that can penetrate the WCMS can significantly affect the system itself and can cause a misconfiguration. The security and stability of these systems are important for reducing the risks and consequences of attacks or disfunctions with currently known similar tools. This paper presents a newly developed tool for identifying the vulnerabilities of the majority of Internet sites with WCMS applications and the remedies to be applied. Its key feature is the ability to perform automated, fast and dynamic vulnerability scans of the WCMS and the attached plug-ins on a large scale with in-built ethical respect.