Cybersecurityknowledge~30 mins

Web vulnerability scanning in Cybersecurity - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Practice Challenge Project Recall Time

Web Vulnerability Scanning Basics

📖 Scenario: You are a cybersecurity analyst tasked with checking a website for common security weaknesses. You will create a simple checklist and process to scan for vulnerabilities.

🎯 Goal: Build a step-by-step checklist and scanning plan for web vulnerability scanning to identify common security issues.

📋 What You'll Learn

Create a list of common web vulnerabilities

Add a threshold for risk level

Write a loop to filter vulnerabilities above the threshold

Add a final step to mark the scan as complete

💡 Why This Matters

🌍 Real World

Web vulnerability scanning helps identify security weaknesses in websites before attackers can exploit them.

💼 Career

Cybersecurity professionals use scanning tools and processes like this to protect organizations from data breaches and attacks.

Progress0 / 4 steps

Create a list of common web vulnerabilities

Create a list called vulnerabilities with these exact entries: 'SQL Injection', 'Cross-Site Scripting', 'Broken Authentication', 'Sensitive Data Exposure', and 'Security Misconfiguration'.

Cybersecurity

# Create the list vulnerabilities with the specified entries
# Your code here

Need a hint?

Use square brackets to create a list and include all five vulnerability names as strings.

Add a risk threshold for scanning

Create a variable called risk_threshold and set it to the integer 3 to represent the minimum risk level to scan for.

Cybersecurity

vulnerabilities = ['SQL Injection', 'Cross-Site Scripting', 'Broken Authentication', 'Sensitive Data Exposure', 'Security Misconfiguration']
# Create risk_threshold variable and set it to 3
# Your code here

Need a hint?

Use a simple assignment to create the risk_threshold variable with value 3.

Filter vulnerabilities by risk level

Create a dictionary called risk_levels with these exact key-value pairs: 'SQL Injection': 5, 'Cross-Site Scripting': 4, 'Broken Authentication': 3, 'Sensitive Data Exposure': 2, and 'Security Misconfiguration': 1. Then create a list called high_risk_vulnerabilities that includes only vulnerabilities from vulnerabilities whose risk level in risk_levels is greater than or equal to risk_threshold. Use a list comprehension with variables vuln and risk_levels[vuln].

Cybersecurity

vulnerabilities = ['SQL Injection', 'Cross-Site Scripting', 'Broken Authentication', 'Sensitive Data Exposure', 'Security Misconfiguration']
risk_threshold = 3
# Create risk_levels dictionary and high_risk_vulnerabilities list using list comprehension
# Your code here

Need a hint?

Use curly braces to create the dictionary and a list comprehension to filter vulnerabilities by risk.

Mark the scan as complete

Create a boolean variable called scan_complete and set it to True to indicate the vulnerability scan is finished.

Cybersecurity

vulnerabilities = ['SQL Injection', 'Cross-Site Scripting', 'Broken Authentication', 'Sensitive Data Exposure', 'Security Misconfiguration']
risk_threshold = 3
risk_levels = {'SQL Injection': 5, 'Cross-Site Scripting': 4, 'Broken Authentication': 3, 'Sensitive Data Exposure': 2, 'Security Misconfiguration': 1}
high_risk_vulnerabilities = [vuln for vuln in vulnerabilities if risk_levels[vuln] >= risk_threshold]
# Create scan_complete variable and set it to True
# Your code here

Need a hint?

Use a simple assignment to create the scan_complete variable with value True.