OWASP Top 10 Vulnerability Scanner With Automated Reporting
E-commerce sites are dense with attack surface, including logins, carts, payments, and search, and most breaches exploit vulnerabilities from a well-known list that automated tooling could have caught. This project builds an open-source scanner that finds those weaknesses before attackers do.
The intern develops the tool in Python to detect OWASP Top 10 vulnerabilities, including cross-site scripting, SQL injection, CSRF, authentication flaws, and security misconfigurations, and to generate detailed reports that developers can act on directly. Beyond dynamic scanning, the project integrates static code analysis for insecure patterns in source, log analysis to spot exploitation traces, and penetration testing modules that probe targets the way a professional assessor would. Reports rank findings by severity, explain each vulnerability class, and point to remediation.
Building a scanner rather than just running one forces genuine depth: the intern must understand each vulnerability mechanically to write reliable detection for it. Completing the project demonstrates security auditing capability and Python engineering discipline, and yields an open-source artifact that hiring managers in application security can inspect directly.