WEB SECURITY HOLE ANALYSIS USING PENETRATION TESTING EXECUTION AND STANDARD METHOD (CASE STUDY: UNIVERSITY OF SINGAPERBANGSA KARAWANG)

  • Zidan Faizi Universitas Singaperbagsa Karawang
  • Puwantoro . Universitas Singaperbangsa Karawang
  • Azhari Ali Ridha Universitas Singaperbangsa Karawang
DOI: https://doi.org/10.35959/jik.v11i02.480
Keywords: Penetration Testing Execution and Standard (PTES), SQL Injection, Website Security, Website Vulnerability, Cross-Site Scripting (XSS)

Abstract

Web security is one of the main problems in today's digital era. In the face of security threats, Singaperbangsa University of Karawang (Unsika) needs to pay attention to the security of their information systems, especially on the website. Therefore, this research was conducted to analyze the security vulnerabilities of Unsika's website using the Penetration Testing Execution and Standard (PTES) method. This research aims to find and analyze security vulnerabilities on the Unsika website and provide recommendations for improving website security. The PTES method is used to test and analyze websites in terms of security, including vulnerability identification, penetration, and other security testing. The results showed that there were several security vulnerabilities on the Unsika website that could be exploited by attackers, After the scan was carried out, it was found that there was one vulnerability that had a high risk, five vulnerabilities with moderate risk, five vulnerabilities with low risk, and six vulnerabilities with informational risk. The recommendation given is to improve the security of the Unsika website by fixing the vulnerabilities that have been identified. In addition, it is also important to update and renew software and increase user awareness in managing and using information systems safely. In conclusion, this research proves that the PTES method can be used to find and analyze security vulnerabilities on the website. It is hoped that the results of this research can help Unsika in improving the security of their information systems, especially on the website.

Downloads

Download data is not yet available.

References

[1] Gani, A. (2018). CYBERCRIME (KEJAHATAN BERBASIS KOMPUTER). Logo Header Halamanjsi (Jurnal Sistem Informasi) Universitas Suryadarma, 5(1), 16–29. Https://Doi.Org/Https://Doi.Org/10.35968/Jsi.V5i1.18

[2] Gontar, P., & Kamisiński, J. (2020). Security Testing Of Web Applications – A Survey Of Current Approaches. International Journal Of Network Security, 22(6), 1033-1053.

[3] Hadzic, F., & Maric, J. (2018). Penetration Testing Of Web Applications - A Review Of Current Techniques And Tools. 2018 International Conference On Smart Systems And Technologies (SST), Sarajevo, Bosnia And Herzegovina, 1-6. Doi: 10.1109/SST.2018.8467647

[4] Khan, Z., & Li, S. (2020). A Review Of Web Application Security Testing Methodologies. International Journal Of Web Information Systems, 16(2), 146-166. Doi: 10.1108/IJWIS-02-2019-0017

[5] Mulyadi. (2018). Bagaimana Melakukan “Penetration Test”? Retrieved From Www.Kompasiana.Com Website: Https://Www.Kompasiana.Com/Moengil/5a4ae 2655e13736b135dd7e3/Bagaim

[6] Ramadhan, B. (2020). Data Internet Di Indonesia Dan Perilakunya Tahun 2020. Retrieved From Teknoia.Com Website: Https://Teknoia.Com/Data-Internet-Di- Indonesia-Dan-Perilakunya-880c7bc7cd19

[7] Taneski, N., & Madevska-Bogdanova, A. (2019). A Systematic Review Of Web Application Penetration Testing Methodologies. International Journal Of Advanced Computer Science And Applications, 10(6), 70-78. Doi: 10.14569/IJACSA.2019.0100609

[8] Stallings, W. (2021). Cryptography And Network Security: Principles And Practice (8th Ed.). Pearson.

[9] Tanenbaum, A. S., Wetherall, D. (2019). Computer Networks (5th Ed.). Pearson.

[10] Tania, A. M., Setiyadi, D., & Khasanah, F. N. (2018). Keamanan Website Menggunakan Vulnerability Assessment. INFORMATICS FOR EDUCATORS AND PROFESSIONALS, 2(2), 171–180. Retrieved From Http://Download.Garuda.Kemdikbud.Go.Id/Article.Php?Article=718152&Val=11042&Title=K Eamanan Website Menggunakan Vulnerability Assessment

[9] Utoro, S., Nugroho, B. A., Meinawati, & Widianto, S. R. (2020). Analisis Keamanan Website E- Learning SMKN 1 Cibatu Menggunakan Metode Penetration Testing Execution Standard. JURNAL MULTINETICS, 6(2), 169–178. Retrieved From Https://Www.Researchgate.Net/Publication/348 303165_Analisis_Keamanan_Website_E- Learning_SMKN_1_Cibatu_Menggunakan_Metode_Penetration_Testing_Execution_Sta Ndard

[10] Yahya, A. S. A., & Alnaim, A. (2019). Penetration Testing Methodology: A Review Of The State Of The Art. 2019 15th International Conference On Innovations In Information Technology (IIT), Abu Dhabi, United Arab Emirates, 22- 24. Doi: 10.1109/INNOVATIONS.2019.8710634
Published
2023-10-31
How to Cite
[1]
Z. Faizi, P. ., and A. Ridha, “WEB SECURITY HOLE ANALYSIS USING PENETRATION TESTING EXECUTION AND STANDARD METHOD (CASE STUDY: UNIVERSITY OF SINGAPERBANGSA KARAWANG)”, Jurnal Informasi dan Komputer, vol. 11, no. 02, pp. 322-327, Oct. 2023.
Issue
Vol 11 No 02 (2023): Jurnal Informasi dan Komputer yang terbit pada tahun 2023 pada bulan 10 (Oktober)
Section
Articles