Phishing attacks are a common and serious issue in our digital age, short uniform resource locators are frequently used in these attacks to trick unwary visitors into visiting malicious websites. Short uniform resource locators are often used to hide a link's true destination, making it harder for visitors to establish whether a link is legitimate or phishing. Due to this, individuals and organizations attempting to protect themselves from phishing attempts have a significant problem. This research introduces a novel system that integrates machine learning algorithms with a blacklist approach to enhance phishing detection. The system's objective is to support transparency protect user privacy, and increase the precision and efficiency of identifying phishing attacks hidden behind Short URLs, thereby granting users real-time protection against phishing attacks. The findings demonstrate that the proposed system is highly effective. Many machine learning algorithms were used and compared, Gradient Boosting emerged as the best algorithm among those tested, with an excellent accuracy rate of 97.1%. This algorithm outperformed other algorithms in distinguishing between legitimate and phishing uniform resource locators, demonstrating its strong capabilities in the face of the growing threat landscape of phishing attacks via short uniform resource locators. By addressing gaps in prior research, particularly in detecting phishing using short URLs, this study provides a valuable contribution to cybersecurity.

The rise of cyberattacks has led to an increase in the creation of fake websites by attackers, who use these sites for advertising products, transmit malware, or steal valuable login credentials. Phishing, the act of soliciting sensitive information from users by masquerading as a trustworthy entity, is a common technique used by attackers to achieve their goals. Spoofed websites and email spoofing are often used in phishing attacks, with spoofed emails redirecting users to phishing websites in order to trick them into revealing their personal information. Traditional solutions for detecting phishing websites rely on signature-based approaches that are not effective in detecting newly created spoofed websites. To address this challenge, researchers have been exploring machine-learning methods for detecting phishing websites. In this paper, we suggest a new approach that combines the use of blacklists and machine learning techniques such that a variety of powerful features, including domain-based features, abnormal features, and abnormal features based on URLs, HTML, and JavaScript, to rank web pages and improve classification accuracy. Our experimental results show that using the proposed approach, the random forest classifier offers the best accuracy of 93%, with FPR and FNR as 0.12 and 0.02, with a Precision of 90%, Recall of 97% an F1 Score of 93%, and MCC of 0.85.

Web applications are becoming very important in our lives as many sensitive processes depend on them. Therefore, it is critical for safety and invulnerability against malicious attacks. Most studies focus on ways to detect these attacks individually. In this study, we develop a new vulnerability system to detect and prevent vulnerabilities in web applications. It has multiple functions to deal with some recurring vulnerabilities. The proposed system provided the detection and prevention of four types of vulnerabilities, including SQL injection, cross-site scripting attacks, remote code execution, and fingerprinting of backend technologies. We investigated the way worked for every type of vulnerability; then the process of detecting each type of vulnerability; finally, we provided prevention for each type of vulnerability. Which achieved three goals: reduce testing costs, increase efficiency, and safety. The proposed system has been validated through a practical application on a website, and experimental results demonstrate its effectiveness in detecting and preventing security threats. Our study contributes to the field of security by presenting an innovative approach to addressing security concerns, and our results highlight the importance of implementing advanced detection and prevention methods to protect against potential cyberattacks. The significance and research value of this survey lies in its potential to enhance the security of online systems and reduce the risk of data breaches.