Web Security Investigation through Penetration Tests: A Case study of an Educational Institution Portal

Abstract

Web security has become an important subject; many companies and organizations are becoming more security conscious as they build web applications to render online services and increase web presence. Unfortunately, many of these web applications are still susceptible to threats as they lack strong immunity to malicious attacks. This poses potential danger to the users of the sites and could also affect operations of the organizations or companies concerned. Educational institutions are not left out, their portals and websites hold vital information whose integrity is of utmost importance. Taking Carnegie Mellon University Africa's internship portal as case study, we carried out penetration tests to investigate web vulnerabilities and proffered possible remedies to the discovered vulnerabilities. Our result will inform educational institutions on better website security practices, especially in the African domain.