Penetrations testing in order to find vulnerabilities in networks, systems or services require the explicit permission of the resource owner. However, there are vulnerabilities which can be found with non-evasive testing methods (e.g. "Google hacking") and without negative influence on the resource. This allows for example large scale analysis of huge numbers of Web pages.
The tasks on this thesis are: state of the art of non-evasive vulnerability analysis, creating a scanner of the most popular Web pages (e.g. Alexa Top 1 Million) and analysis of discovered vulnerabilities.