Assessfy Capstone Lab Advanced 6 milestones 100 marks

Automated Web Application Vulnerability Scanner with OWASP Top-10 Compliance Reporting

Branch: Cyber Security Type: Industry-applied final-year Major Project Standard: Mumbai University Rev-2019 'C' Scheme (Major Project I + II) Group: up to 4 students Assessment: 6 review-based milestones (100 marks)

Real-world project · AICTE-aligned · AI-graded · Audit-ready certificate

Enroll as Student Mentor this project

Milestones

Available mentors

Enrolled students

Core skills

About this project

Objective: To design and implement an automated tool that scans web applications for vulnerabilities and generates detailed reports based on OWASP Top-10 standards.

Web applications in India are increasingly targeted by cybercriminals, exposing businesses, government portals, and educational institutions to risks such as data theft, service disruption, and financial fraud. Small and medium enterprises often lack access to affordable, effective vulnerability assessment tools, making them particularly vulnerable to cyberattacks.

This project aims to engineer a robust, automated web application vulnerability scanner tailored for Indian industry needs. The scanner will analyze deployed web applications, detect vulnerabilities mapped to the OWASP Top-10 risks, and provide actionable compliance reports. The project follows the full lifecycle: requirement analysis, system design, tool development, testing against real-world attack scenarios, and reporting.

Key deliverables include: a user-friendly scanning tool supporting Indian web stacks, vulnerability detection algorithms, a reporting dashboard with remediation suggestions, and live demonstration on local web apps with known vulnerabilities. The working model will showcase detection of issues like SQL Injection, Cross-Site Scripting, and Insecure Deserialization.

The solution can help Indian organizations enhance cybersecurity posture, meet regulatory standards, and scale to protect diverse web applications across sectors. It encourages industry adoption by offering cost-effective, automated vulnerability assessment aligned with global standards.

Milestones

1. Synopsis & Problem Definition (Stage-I Review-1)

8 marks 25d

Submit a synopsis outlining the need for automated vulnerability scanning in India, with a clear problem statement and project scope; reviewed via presentation and written summary.

2. Literature / Market Survey & Requirement Analysis (Stage-I Review-2)

12 marks 25d

Conduct a survey of existing web vulnerability scanners, OWASP guidelines, and Indian industry needs; deliver a requirement analysis document for faculty review.

3. System Design, Methodology & Cost Analysis (Stage-I close)

18 marks 35d

Present technical architecture, detection algorithms, user interface design, and cost estimation; evaluated through design diagrams and oral review.

4. Implementation / Fabrication of Working Model (Stage-II Review-1)

28 marks 45d

Develop and integrate the scanning tool, reporting dashboard, and test environment; demonstrate prototype functionality in a live review session.

5. Testing, Results & Validation (Stage-II Review-2)

22 marks 35d

Perform vulnerability detection on real and simulated web applications, validate results against OWASP benchmarks, and document findings for faculty review.

6. Report, Paper & Demonstration / Oral Defense (Stage-II final Oral & Practical)

12 marks 25d

Submit final report, IEEE-format paper, and deliver a live demonstration with oral defense to external examiner panel.

Open internships using this project -->

Skills you'll learn

CapstoneFinal-year projectMajor projectCyber SecurityWeb security vulnerability analysis and penetration testingSoftware design and modular developmentImplementation using Python/Java and web stack integrationAutomated reporting and dashboard creationTesting against real-world attack scenariosTeamwork and collaborative engineeringTechnical documentation and IEEE paper writing

Tools used

Python (Flask/Django) or Java (Spring Boot)OWASP Top-10 standards and documentationBurp Suite Community EditionSQLMapNiktoand custom scriptsPostgreSQL/MySQL for test databasesBootstrap/React for reporting dashboardVulnerable web apps (e.g.DVWAOWASP Juice Shop) for demonstration

Prerequisites

Web Technologies and DevelopmentInformation Security PrinciplesNetwork SecuritySoftware Engineering

Available mentors

No mentors have signed up for this project yet.

Be the first to mentor

You'll earn — Certificate (PDF)

AICTE-aligned Project Completion Certificate

A formal, audit-ready PDF certificate issued by Assessfy + your institute on successful completion. Includes AICTE credit hours, your evaluator's signature, and a QR code for third-party verification.

AICTE-aligned

Certificate of Project Completion

This is to certify that

has successfully completed the project

Automated Web Application Vulnerability Scanner with OWASP …

Scan to Verify

Date

Signature

Auto-issued on completion QR-verifiable

You'll earn — Digital Badge

Shareable LinkedIn / Resume Skill Badge

A compact, verifiable Open-Badges-2.0-compliant digital credential. Add to your LinkedIn profile, GitHub README, or resume in one click. Recruiters can validate authenticity via a unique URL.

Advanced

Automated Web Application Vulnerabili…

Assessfy

Auto-issued on completion One-click LinkedIn add