Analisis Metode Open Web Application Security Project (OWASP) Menggunakan Penetration Testing pada Keamanan Website Absensi

Riandhanu, Ichsan Octama

doi:10.37034/jidt.v4i3.236

Cited by 7 publications

(3 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In addition, the developer of these tools also opens opportunities for everyone in the field of information security to improve information system security by developing the OWASP application (Kuncoro & Rahma, 2021). These tools are capable of scanning vulnerabilities that can be used as a standard for testing, so that vulnerability information can be generated (Riandhanu, 2022).…”

Section: Vulnerability Assessmentmentioning

confidence: 99%

Analysis of Higher Education SIAKAD Website Security Gaps Using the Vulnerability Assessment Method

Syarifudin,

Setiyani

2023

Int. J. Multidiscipline. Approach. Res. Sci.

View full text Add to dashboard Cite

SIAKAD is a website-based application designed to facilitate academic management and academic activities by universities. The SIAKAD system contains sensitive and important information from lecturers and students such as personal, academic, and financial information. Seeing the importance of information security, universities must be able to ensure that their SIAKAD is protected by a strong and reliable security system. To find out threats that can be exploited by hackers, it is necessary to analyze security holes in a system. The research procedure was carried out through (1) Terminal, Zenmap, Whois, Wappalyzer as tools for foot printing or data collection, (2) OWASP ZAP as a tool for conducting Vulnerability Scanning. The results of this study revealed that there were 11 vulnerabilities found, consisting of 5 medium vulnerability levels and 6 low level vulnerabilities. In addition, to deal with these vulnerabilities, this research also discusses solutions that can be alternatives for increasing information security in higher education SIAKAD.

show abstract

Section: Vulnerability Assessmentmentioning

confidence: 99%

Analysis of Higher Education SIAKAD Website Security Gaps Using the Vulnerability Assessment Method

Syarifudin,

Setiyani

2023

Int. J. Multidiscipline. Approach. Res. Sci.

View full text Add to dashboard Cite

show abstract

“…Kelemahan dalam kontrol akses terjadi karena kurangnya pengujian fungsional oleh pengembang aplikasi. [8].…”

Section: Pendahuluanunclassified

Pengujian Keamanan Learning Management System TutorLMS Terhadap Kerentanan Insecure Design dan Broken Access Control

Prasetyo¹,

Hasanah

Wijaya

2022

telcomatics

View full text Add to dashboard Cite

Menjual kursus digital merupakan ide kreatif yang dapat dilakukan dimasa pandemi COVID-19. Melalui video yang interaktif maka peluang untuk mendapatkan penghasilan lebih besar. Untuk menjual kursus digital seseorang atau perusahaan memerlukan sebuah sistem informasi yang dapat mengelolah administrasi, pendaftaran keanggotaan, pembayaran dan manajemen isi pembelajaran. Learning Management System (LMS) terintegrasi dapat digunakan untuk menjual kursus digital. Salah satu LMS yang dapat digunakan adalah TutorLMS, saat ini TutorLMS sudah digunakan lebih dari 60.000 pengguna. Pengujian Insecure Design dan Broken Access Control digunakan untuk mengetahui seberapa aman penggunaan TutorLMS dalam menjual kursus online. Dengan pengujian ini diharapkan penjual bisa berjualan kursus online dengan aman. Pengujian dilakukan menggunakan metode action research dimana langsung melakukan pengujian pada objek, disini penulis menggunakan demo website TutorLMS untuk melakukan pengujian. Dari hasil pengujian kursus online berbayar dapat diakses dengan mudah oleh pengunjung yang tidak melakukan pembelian bahkan pendaftaran. Desain REST API yang ada pada dokumentasi, tidak memerlukan autentikasi untuk membaca isi dari kursus online, menyebabkan pengunjung dapat dengan mudah untuk mengambil isi pembelajaran, video dan lainnya. Pengunjung juga dapat mendapatkan pertanyaan quiz dan jawaban, serta mendapatkan informasi author pembuat kursus.

show abstract

“…Tes keamanan dilakukan untuk menentukan tingkat kelemahan untuk menghindari serangan dari pertemuan yang tidak menyenangkan [6]. OWASP ZAP dapat membantu dalam menentukan tindakan yang perlu diambil untuk memitigasi kerentanan agar instansi pemerintah di Tapanuli Tengah memiliki perlengkapan yang lebih baik untuk melindungi data mereka dari serangan [7]. Salah satu aplikasi pemindai web paling populer, OWASP ZAP, adalah alat yang sangat baik untuk menyelesaikan masalah keamanan situs [8]- [10].…”

Section: Pendahuluanunclassified

Analisis Website Tapanuli Tengah Menggunakan Metode Open Web Application Security Project Zap (Owasp Zap)

Nisa,

Putra,

Siregar

et al. 2022

bit

View full text Add to dashboard Cite

Data security on the website is very important to prevent misuse of data or information on the website. Due to the rapid advancement of technology, many irresponsible persons who are often called hackers or hackers steal data. The author is interested in learning more about the security of the Central Tapanuli website (TAPTENG) as a result of this research. In this section, the author checks the security of the Tapanuli Tengah website using the OWASP ZAP method to assist in determining the actions that need to be taken to mitigate the vulnerability. There are several stages of OWASP that are carried out including Information Gathering, Session Management Testing, Data Validation Testing, and Webservices Testing. From the overall research results detected on the 192.187.99.170 website, the results obtained were 22079 instances with the threat name Timestamp Disclosure - Unix with the threat level at the Low level, which means it is at a low level.

show abstract

Analisis Metode Open Web Application Security Project (OWASP) Menggunakan Penetration Testing pada Keamanan Website Absensi

Cited by 7 publications

References 14 publications

Analysis of Higher Education SIAKAD Website Security Gaps Using the Vulnerability Assessment Method

Analysis of Higher Education SIAKAD Website Security Gaps Using the Vulnerability Assessment Method

Pengujian Keamanan Learning Management System TutorLMS Terhadap Kerentanan Insecure Design dan Broken Access Control

Analisis Website Tapanuli Tengah Menggunakan Metode Open Web Application Security Project Zap (Owasp Zap)

Contact Info

Product

Resources

About