Student Presenter(s): Lie Zhou and Xuanyang Luo
Faculty Mentor: Maryam Raiyat Alibadi
School/College: Engineering and Computing Sciences, Vancouver

This paper outlines a method for determining the most appropriate penetration testing tools for comprehensive risk assessment tasks. We have selected four tools – OWASP ZAP, Burp Suite Professionals, Nmap and Intruder – to assess the risk of Company C's web application. The Analytic Hierarchy Process (AHP) was then used to evaluate these tools based on user experience and determine the most suitable tool based on the AHP outcome.