Malik Muneeb Abid

Work place: Department of Civil Engineering, International Islamic University, Islamabad



Research Interests: Computational Science and Engineering, Computer systems and computational processes, Computer Architecture and Organization, Solid Modeling, Network Architecture, Network Security, Data Mining, Data Structures and Algorithms


Malik Muneeb Abid was born in 1987 in Pakistan. He  received B.Sc degree in Civil Engineering  from  U.E.T  Taxila,  Pakistan and  MS  degree  in  Transportation Engineering  from  NUST,  Pakistan.  Since 2013,  he  is  a  PhD  student  at  School  of Transportation  and  Logistics,  Southwest Jiaotong University, Sichuan, Chengdu, PR China.  His research interests are Network Robustness, Transportation network modeling and simulation, Data Mining, Supervised Machine Learning algorithms.  He is member of IAROR and PEC.

Author Articles
Web Vulnerability Finder (WVF): Automated Black- Box Web Vulnerability Scanner

By Muhammad Noman Khalid Muhammad iqbal Kamran Rasheed Malik Muneeb Abid

DOI:, Pub. Date: 8 Aug. 2020

Today the internet has become primary source of communication among people because it holds limitless space and pool of various web applications and resources. The internet allows us to communicate in a fraction of second with another people who is sitting in the other part of the world. At present, the internet has become part of our daily life and its usage is increasing exponentially, therefore it accumulates a number of web applications on daily basis on Web podium. Most of the web applications exist with few weaknesses and that weaknesses give room to several bad buys (hackers) to interrupt that weak part of code in web applications. Recently, SQL Injection, Cross Site Scripting (XSS) and Cross Site Request Forgery (CSRF) seriously threaten the most of the web applications.  In this study, we have proposed a black box testing method to detect different web vulnerabilities such as SQL Injection, XSS and CSRF and developed a detection tool i.e. Web Vulnerabilities Finder (WVF) for most of these vulnerabilities.  Our proposed method can automatically analyze websites with the aim of finding web vulnerabilities. By applying the tool to some websites, we have found 45 exploitable XSS, SQL Injection 45, Directory Discloser 38 and Local/remote file inclusion 40 vulnerabilities. The experimental results show that our tool can efficiently detect XSS, SQL Injection, Directory Discloser and LFI/RFI vulnerabilities.

[...] Read more.
Other Articles