PENETRATION TESTING WEBSITE ELEARNING2.BINADARMA.AC.ID WITH PTES METHOD (PENETRATION TESTING EXECUTION STANDARD)

Keywords: penetration testing, website, e-learning, PTES

Abstract

Bina Darma University is one of the best private campuses that provides a website-based online learning system. With the increasing distribution of information online in the era of the Covid-19 pandemic and the high enthusiasm of students in online learning, it is very important for Bina Darma University to pay attention to the security of the information system website used to protect user data. The goal to be achieved in this research is to implement penetration testing with the Black Box method and the PTES method on the elearning2.binadarma.ac.id website. The PTES method can be used as a standard guide for assessing web-based application security which consists of 5 stages, which consist of information gathering, threat modeling, vulnerability analysis, exploitation, and reporting. At the end of the research, it can be concluded that testing on elearning2binadarma.ac.id was identified as having a loophole in Cross Site Scripting (XSS) which is quite dangerous if it spreads further. The way to handle this gap can be done by checking website vulnerabilities regularly.

Downloads

Download data is not yet available.

References

R. Alexandro, F. Hariatama, and M. Wulandari, “Dampak Positif E-learning pada Pendidikan,” J. Imiah Pendidik. dan Pembelajaran, vol. 6, no. 1, p. 99, 2022, doi: https://doi.org/10.23887/jipp.v6i1.43695.

R. Pramudita, S. Fuada, and N. W. A. Majid, “Keamanan Informasi dalam Suatu Website,” J. Media Inform. Budidarma, vol. 4, no. 2, p. 309, 2020, doi: http://dx.doi.org/10.30865/mib.v4i2.1934.

S. Utoro, B. A. Nugroho, M. Meinawati, and S. R. Widianto, “Analisis Keamanan Website E-Learning Menggunakan Metode Penetration Testing Execution Standard,” Multinetics, vol. 6, no. 2, pp. 169–178, 2020, doi: https://doi.org/10.32722/multinetics.v6i2.3432.

M. Kuliah, “Pengenalan Whois sebagai Protokol Informasi Domain pada Website,” 2019.

I. G. A. S. Sanjaya, G. M. A. Sasmita, and D. M. S. Arsa, “Evaluasi Tahap Reverse Ip address Pada Metode Penetration Testing Execution Standar,” J. Ilm. Merpati (Menara Penelit. Akad. Teknol. Informasi), vol. 8, no. 2, p. 113, 2020, doi: 10.24843/jim.2020.v08.i02.p05.

S. Hidayatulloh and D. Saptadiaji, “Penetration Testing pada Website Menggunakan Open Web Application Security Project (OWASP),” J. Algoritm., vol. 18, no. 1, pp. 77–86, 2021, doi: https://doi.org/10.33364/algoritma/v.18-1.827.

A. M. Akmal, N. Heryana, and A. Solehudin, “Analisis Keamanan Website Menggunakan Nikto Sebagai Metode Vulnerability Analysis,” Al-Irsyad, vol. 105, no. 2, p. 79, 2017, [Online]. Available: https://core.ac.uk/download/pdf/322599509.pdf.

I. Riadi, R. Umar, and T. Lestari, “Analisis Kerentanan Serangan Cross Site Scripting (XSS) Menggunakan Framework OWASP,” JISKA (Jurnal Inform. Sunan Kalijaga), vol. 5, no. 3, pp. 146–152, 2020, doi: https://doi.org/10.14421/jiska.2020.53-02.

Z. A. Anwari, I. G. P. Wedana, J. Deva, K. D. D. Widyaputra, G. A. J. Saskara, and I. M. E. Listartha, “Analisis Kerentanan Pada Suatu Website Menggunakan Tools Xspear,” J. Inform. Teknol. dan Sains, vol. 4, no. 4, pp. 406–412, 2022, doi: https://doi.org/10.51401/jinteks.v4i4.2104.

Y. A. Pohan, “Meningkatkan Keamanan Website Menggunakan Metode Penetration Testing Execution Standar,” J. Sistim Inf. dan Teknol., vol. 3, pp. 1–6, 2021, doi: https://doi.org/10.37034/jsisfotek.v3i1.36.

PlumX Metrics

Published
2023-03-31
How to Cite
[1]
R. Dasmen, R. Rasmila, T. Widodo, K. Kundari, and M. Farizky, “PENETRATION TESTING WEBSITE ELEARNING2.BINADARMA.AC.ID WITH PTES METHOD (PENETRATION TESTING EXECUTION STANDARD)”, jicon, vol. 11, no. 1, pp. 91-95, Mar. 2023.
Section
Articles

Most read articles by the same author(s)

Obs.: This plugin requires at least one statistics/report plugin to be enabled. If your statistics plugins provide more than one metric then please also select a main metric on the admin's site settings page and/or on the journal manager's settings pages.