Development and Evaluation of SAVI: Simple Automated Vulnerability Inspector

Vulnerability scanners have become increasingly complex over time, but there is still a lack of emphasis on creating a user-friendly experience for these tools .We developed a user-friendly vulnerability scanner to resolve this issue. In this paper we will discuss our approach to addressing this issue with our vulnerability scanner, leveraging open-source projects such as sqlmap and xxstrike. Evaluation of our solution will be performed by testing it and comparing with other popular options in the market such as OWASP ZAP, Aranchi, Pentest tools, and Wapiti. We will use the OWASP Benchmark project to assess the effectiveness and accuracy of each scanner, including true positives, false negatives, and false positives. Additionally, we will evaluate the usability of each scanner by testing them on five different control websites, taking into account factors such as platform, ease of navigation, and time required to generate reports. Our findings will provide valuable insights into the need for more user-friendly vulnerability scanners and offer an easy-to-use scanner that developers can use to boost their productivity. We hope that our research not only contributes a practical tool but also advocates for a shift towards accessibility and usability in vulnerability scanning and management.