IMPLEMENTASI OWASP ZAP UNTUK PENGUJIAN KEAMANAN SISTEM INFORMASI AKADEMIK
DOI:
https://doi.org/10.47111/jti.v16i2.3995Keywords:
OWASP, Website, active scan, keamanan websiteAbstract
Information security is an important thing that must be considered for every individual and institution in order to avoid crime. Poor information systems can threaten the critical infrastructure of an organization. Problems with system security vulnerabilities or disruptions are widely scattered on the internet. Early detection of the weakness of a system is the initial solution in securing a system. Therefore we need an analysis of the vulnerability of a system that refers to the security standardization of the Open Web Application Security Project (OWASP) by performing an active scan. Website vulnerability analysis using the OWASP ZAP technique with the help of several security tools is able to determine the security level of a website based on the results of scans and tests that have been carried out where almost every test category is able to find vulnerabilities, although there are several categories that do not have vulnerabilities. The purpose of this study is to identify the vulnerabilities contained in the University Academic Information System website and conduct testing and analysis to determine the condition of the vulnerability of the University Academic Information System website using the Open Web Application Security Project (OWASP). The research method used as a website security parameter is OWASP Top-10 2021.
Downloads
References
Nigel Cunong,Dennis., Saputra, Muhardi., Puspitasari, Warih. (2020). Analisis Resiko Keamanan Terhadap Website Dinas Penanaman Modan dan Pelayanan Terpadu Satu Pintu Pemerintahan XYZYZ Menggunakan Standar Penetration Testing Execution Standard (PTES). e-Proceeding of Engineering, 7(1), 2090-2095.
Hidayatulloh, Syarif., Saptadiaji, Desky. (2021). Penetration Testing pada Website Universitas ARS Menggunakan Open Web Application Security Project (OWASP). Jurnal Algoritma, 19(1), 77-86.
Mayasari, Rini., Ali Ridha, Azhari., Juardi, Didi., Ahmad Baihaqi, Kiki. (2020). Analisis Vulnerability pada Website Universitas Singaperbangsa Karawang menggunakan Acunetix Vulnerability. SYSTEMATICS, 2(1), 33-38.
Wibowo1, Feri., Harjono., Purwo Wicaksono, Agung,. Harjono. (2019). Uji Vulnerability pada Website Jurnal Ilmiah Universitas Muhammadiyah Purwokerto Menggunakan OpenVAS dan Acunetix WVS. Jurnal Informatika, 6(2), 212-218.
Elanda, Anggi., Lintang Buana. (2020). Analisis Sistem Keamanan Sistem Informasi Berbasis Webiste Dengan Metode Open Web Application Security Project (OWASP) Versi 4: Systematic Review. Journal of Computer Engineering System and Science, 5(2), 185-191.
Yudiana., Elanda, Anggi., Lintang Buana, Robby. (2021) Analisis Kualitas Keamanan Sistem Informasi E- Office Berbasis Website Pada STMIK Rosma Dengan Menggunakan OWASP TOP 10. Journal of Computer Engineering System and Science. 6(2), 185-191.
Yulianingsih. Melindungi Aplikasi dari Serangan CrossSite Scripting (XSS) Dengan Metode Metacharacter. TEKNOSI, 3(1), 83-88.
Kurniawan, A. (2020). Penerapan Framework OWASP dan Network Forensics untuk Analisis, Deteksi, dan Pencegahan Serangan Injeksi di Sisi Host-Based. Jurnal Telematika, 14(1), 9-18.
Riadi, I., Rusydi Umar, R., & Lestari, T. (2020). Analisis Kerentanan Serangan Cross Site Scripting (XSS) pada Aplikasi Smart Payment Menggunakan Framework OWASP. Jurnal Informatika Sunan Kalijaga, 5(3), 146– 152.
Putra, Y., Yunus2, Y., & Sumijan. (2021). Meningkatkan Keamanan Web Menggunakan Algoritma Advanced Encryption Standard (AES) Terhadap Seragan Cross Site Scripting. Jurnal Sistem Informasi dan Teknologi, 3(2), 56-63.