Web applications are becoming very important in our lives as many sensitive processes depend on them. Therefore, it is critical for safety and invulnerability against malicious attacks. Most studies focus on ways to detect these attacks individually. In this study, we develop a new vulnerability system to detect and prevent vulnerabilities in web applications. It has multiple functions to deal with some recurring vulnerabilities. The proposed system provided the detection and prevention of four types of vulnerabilities, including SQL injection, cross-site scripting attacks, remote code execution, and fingerprinting of backend technologies. We investigated the way worked for every type of vulnerability; then the process of detecting each type of vulnerability; finally, we provided prevention for each type of vulnerability. Which achieved three goals: reduce testing costs, increase efficiency, and safety. The proposed system has been validated through a practical application on a website, and experimental results demonstrate its effectiveness in detecting and preventing security threats. Our study contributes to the field of security by presenting an innovative approach to addressing security concerns, and our results highlight the importance of implementing advanced detection and prevention methods to protect against potential cyberattacks. The significance and research value of this survey lies in its potential to enhance the security of online systems and reduce the risk of data breaches.

This paper focuses on the design model verification processes to reduce modification cost after the software is delivered. We proposed a new design flow of web content integrity to protect web security by using colored petri nets simulation. The method covers the design process from the firewall stage to the recovery stage. In the proposed solution, the model verified the integrity of web content through detection tampering and recovery web content processes. Furthermore, the specification formally verifies the model checking technique by colored Petri nets formalism. Finally, the model is simulated by colored petri nets to insure the correct behavior of the designed web content integrity model.