PENETRATION TESTING WEBSITE ELEARNING2.BINADARMA.AC.ID WITH PTES METHOD (PENETRATION TESTING EXECUTION STANDARD)
-
Rahmat Novrianda Dasmen(1*)
Universitas Bina Darma
http://orcid.org/0000-0001-7348-5377
-
Rasmila Rasmila(2)
Universitas Bina Darma
-
Tantri Langgeng Widodo(3)
Universitas Bina Darma
http://orcid.org/0000-0003-3564-2997
-
Kundari Kundari(4)
Universitas Bina Darma
http://orcid.org/0000-0003-4798-0184
-
Muhammad Tio Farizky(5)
Universitas Bina Darma
(*) Corresponding Author
Abstract
Bina Darma University is one of the best private campuses that provides a website-based online learning system. With the increasing distribution of information online in the era of the Covid-19 pandemic and the high enthusiasm of students in online learning, it is very important for Bina Darma University to pay attention to the security of the information system website used to protect user data. The goal to be achieved in this research is to implement penetration testing with the Black Box method and the PTES method on the elearning2.binadarma.ac.id website. The PTES method can be used as a standard guide for assessing web-based application security which consists of 5 stages, which consist of information gathering, threat modeling, vulnerability analysis, exploitation, and reporting. At the end of the research, it can be concluded that testing on elearning2binadarma.ac.id was identified as having a loophole in Cross Site Scripting (XSS) which is quite dangerous if it spreads further. The way to handle this gap can be done by checking website vulnerabilities regularly.
Downloads
References
R. Alexandro, F. Hariatama, and M. Wulandari, “Dampak Positif E-learning pada Pendidikan,” J. Imiah Pendidik. dan Pembelajaran, vol. 6, no. 1, p. 99, 2022, doi: https://doi.org/10.23887/jipp.v6i1.43695.
R. Pramudita, S. Fuada, and N. W. A. Majid, “Keamanan Informasi dalam Suatu Website,” J. Media Inform. Budidarma, vol. 4, no. 2, p. 309, 2020, doi: http://dx.doi.org/10.30865/mib.v4i2.1934.
S. Utoro, B. A. Nugroho, M. Meinawati, and S. R. Widianto, “Analisis Keamanan Website E-Learning Menggunakan Metode Penetration Testing Execution Standard,” Multinetics, vol. 6, no. 2, pp. 169–178, 2020, doi: https://doi.org/10.32722/multinetics.v6i2.3432.
M. Kuliah, “Pengenalan Whois sebagai Protokol Informasi Domain pada Website,” 2019.
I. G. A. S. Sanjaya, G. M. A. Sasmita, and D. M. S. Arsa, “Evaluasi Tahap Reverse Ip address Pada Metode Penetration Testing Execution Standar,” J. Ilm. Merpati (Menara Penelit. Akad. Teknol. Informasi), vol. 8, no. 2, p. 113, 2020, doi: 10.24843/jim.2020.v08.i02.p05.
S. Hidayatulloh and D. Saptadiaji, “Penetration Testing pada Website Menggunakan Open Web Application Security Project (OWASP),” J. Algoritm., vol. 18, no. 1, pp. 77–86, 2021, doi: https://doi.org/10.33364/algoritma/v.18-1.827.
A. M. Akmal, N. Heryana, and A. Solehudin, “Analisis Keamanan Website Menggunakan Nikto Sebagai Metode Vulnerability Analysis,” Al-Irsyad, vol. 105, no. 2, p. 79, 2017, [Online]. Available: https://core.ac.uk/download/pdf/322599509.pdf.
I. Riadi, R. Umar, and T. Lestari, “Analisis Kerentanan Serangan Cross Site Scripting (XSS) Menggunakan Framework OWASP,” JISKA (Jurnal Inform. Sunan Kalijaga), vol. 5, no. 3, pp. 146–152, 2020, doi: https://doi.org/10.14421/jiska.2020.53-02.
Z. A. Anwari, I. G. P. Wedana, J. Deva, K. D. D. Widyaputra, G. A. J. Saskara, and I. M. E. Listartha, “Analisis Kerentanan Pada Suatu Website Menggunakan Tools Xspear,” J. Inform. Teknol. dan Sains, vol. 4, no. 4, pp. 406–412, 2022, doi: https://doi.org/10.51401/jinteks.v4i4.2104.
Y. A. Pohan, “Meningkatkan Keamanan Website Menggunakan Metode Penetration Testing Execution Standar,” J. Sistim Inf. dan Teknol., vol. 3, pp. 1–6, 2021, doi: https://doi.org/10.37034/jsisfotek.v3i1.36.
Copyright (c) 2023 Rahmat Novrianda Dasme, Rasmila, Tantri Langgeng Widodo, Kundari, Muhammad Tio Farizky
This work is licensed under a Creative Commons Attribution 4.0 International License.
The author submitting the manuscript must understand and agree that if accepted for publication, authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution (CC-BY) 4.0 License that allows others to share the work with an acknowledgment of the work’s authorship and initial publication in this journal.
