Yosua Ade Pohan scite author profile

Yosua Ade Pohan

2Publications

0Citation Statements Received

0Citation Statements Given

How they've been cited

How they cite others

Affiliations

Universitas Putra Indonesia "YPTK"

Publications

Order By: Most citations

Meningkatkan Keamanan Webserver Aplikasi Pelaporan Pajak Daerah Menggunakan Metode Penetration Testing Execution Standar

2021

View full text Add to dashboard Cite

Regional Tax Reporting Application Webserver is one of the public services for taxpayers to report their sales transactions. This application can be accessed on the domain http://sptpd.payakumbuhkota.go.id. This application is public, so the principles of information security must be applied to prevent cyber attacks. The principles of information security include confidentiality, integrity, and availability. To apply this information security principle, it is necessary to conduct vulnerability assesment of the application webserver. This study aims to improve the security of the application webserver so that the data and information in it is secure. The method used in this study is the Penetration Testing Execution Standard which is one of the methods developed by the Pentest Organization to become a standard in analyzing or auditing security systems. The results of vulnerability testing using software Acunetix, Nikto, BurpSuite and Owasp, there are seven types of vulnerabilities, namely: X-Frame Header Options is Missing, CSRF Attack, Cookie Without Only Flash, DNS Vulnerability, Ddos Attack, Bruteforce Page Login and Open Port. The vulnerability can be exploited, where the level of application vulnerability is in the medium category. The recommendations for fixing vulnerabilities can be applied by the developer, so that after repairs are made, the vulnerability level of the application webserver is in the low category and there is only one type of vulnerability, namely Brute Force Page Login.

show abstract

Improving Webserver Security for Local Tax Reporting Applications Using Standard Penetration Testing Execution Methods

Pohan¹,

Yunus²,

Sumijan³

2020

JSisfotek

View full text Add to dashboard Cite

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Yosua Ade Pohan

Meningkatkan Keamanan Webserver Aplikasi Pelaporan Pajak Daerah Menggunakan Metode Penetration Testing Execution Standar

Improving Webserver Security for Local Tax Reporting Applications Using Standard Penetration Testing Execution Methods

Contact Info

Product

Resources

About