|Project Description: ||Nowadays, due to development of the Internet, there is a substantial increase in the use of web and, the web applications have become the significant part of everyone’s life. Because of the increase in cyber-attacks, web application security has become one of the most important ongoing issue. There is an increase in risk of web attacks because of web developers not being aware of the cyber-attacks, and because of the loopholes in the prevailing technologies. The web applications have become target to many attacks like SQL injection, session management, cross site scripting and broken authentication. A lot of research is going on to safeguard these web applications from such malicious attacks. Also, there have been few tools developed to protect the web applications from malicious attacks but each of them has some specific flaws. This paper discusses an approach the flaws in the previous tools. The approach used here analyzes the validity of requests to the web applications and then generates cases for different attacks. These cases then help in differentiating the malicious and non-malicious traffic in the web applications.