Ghufron Zaida Muflih
Universitas Maarif Nahdlatul Ulama Kebumen

Published : 1 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search

Analisis Keamanan Website SMK VIP Al-Huda Kebumen Menggunakan Metode Penetration Testing Execution Standard (PTES) Abdur Rahman Fadilah; Ghufron Zaida Muflih
CHAIN: Journal of Computer Technology, Computer Engineering, and Informatics Vol. 4 No. 3 (2026): Volume 4 Number 3 July 2026 (ONLINE FIRST)
Publisher : PT. Tech Cart Press

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.58602/chain.v4i3.290

Abstract

The rapid growth of information technology and internet usage has increased cybersecurity threats to web-based applications. The website of SMK VIP Al Huda Kebumen, which functions as a digital information and service platform, has the potential to become a target of cyberattacks if security evaluations are not conducted regularly. This study aims to analyze the security level of the SMK VIP Al Huda Kebumen website using the Penetration Testing Execution Standard (PTES) method. PTES was chosen because it provides systematic testing stages including pre-engagement interaction, information gathering, threat modeling, vulnerability analysis, exploitation, post-exploitation, and reporting. The testing process utilized several tools such as Zenmap/Nmap, OWASP ZAP, SQLMap, DNS Scan, and Infoga. The results indicate that the website still has several potential security vulnerabilities, including open service ports, brute force attack risks on SSH services, credential theft risks on FTP services, and possible exploitation of cPanel services. In addition, the vulnerability analysis identified several low and medium risk vulnerabilities that could potentially be exploited by attackers. Although the system is protected by a firewall and uses Linux operating system with Apache web server, further improvements are still required through regular system updates, better encryption implementation, service access restrictions, and additional security policies. This research is expected to become a reference for improving school website security and preventing cyber threats in educational environments.