This paper is published in Volume-11, Issue-3, 2025
Area: Cyber Security
Author: Manav Agarwal, Shrushti Patil, Dr. Suvarna Patil, Mrs. Sneha Kanawade
Org/Univ: DYPIEMR, Pimpri-Chinchwad, Maharashtra, India
Pub. Date: 06 June, 2025
Paper ID: V11I3-1303
Publisher:
Keywords: Vulnerability assessment, Penetration test, OWASP, OpenVAS, Metasploit, Web based application, CVE

Citations

IEEE
Manav Agarwal, Shrushti Patil, Dr. Suvarna Patil, Mrs. Sneha Kanawade. OpenXploit: An Automated Approach to Vulnerability Assessment and Penetration Testing, International Journal of Advance Research, Ideas and Innovations in Technology, www.IJARIIT.com.

APA
Manav Agarwal, Shrushti Patil, Dr. Suvarna Patil, Mrs. Sneha Kanawade (2025). OpenXploit: An Automated Approach to Vulnerability Assessment and Penetration Testing. International Journal of Advance Research, Ideas and Innovations in Technology, 11(3) www.IJARIIT.com.

MLA
Manav Agarwal, Shrushti Patil, Dr. Suvarna Patil, Mrs. Sneha Kanawade. "OpenXploit: An Automated Approach to Vulnerability Assessment and Penetration Testing." International Journal of Advance Research, Ideas and Innovations in Technology 11.3 (2025). www.IJARIIT.com.

Abstract

Vulnerability assessment (VA) and penetration testing (Pen-Test) are required for security auditing and compliance. Converting VA scan results into a form usable by Pen-Test tools is difficult because the conversion must be done in several stages using software tools. This paper describes a system that automatically converts Open Vulnerability Assessment Scanner (OpenVAS) results into exploit scripts for Metasploit, an open-source pen-testing program. It targets the top ten vulnerabilities identified by the Open Web Application Security Project (OWASP) and tests them with Metasploit. The system consists of three major components: Scan Result Extraction, which extracts VA scan results related to the OWASP Top 10 vulnerabilities; Target List Repository, which stores vulnerability lists for Metasploit; and Automated Shell Scripts Exploitation, which generates scripts to render the exploit module for execution in Metasploit. The prototype was tested with a variety of scenarios, converting scan results to shell scripts and rendering them in Metasploit. The experimental results confirmed that the system was functionally correct across all test cases.