<![CDATA[Web-based platform security is an important aspect that developers must consider. However, numerous developer still exhibit insufficient attention to enhancing the security level of their websites, thereby increasing the likelihood of these platforms becoming targets of cyber attacks. To address this challenge, the utilization of tools such as Nuclei Vulnerability Scnner and Owasp Zap presents an effective solution for the rapid detection of potential vulnerabilities in web-based platforms. This research involved testing a locally developed dummy web application , with scanning processes conducted using the Nuclei Vulnerability Scanner and Owasp Zap tools. The findings reveal that Nuclei Vulnerability Scanner proves effective in identifying vulnerabilities at the network layer, particularly in relation to SSL/TLS protocols and proxy configurations. In contrast, Owasp Zap is more focused on detecting vulnerabilities within the web application layer, especially concerning security header configurations that may be exploited through browser-based attacks such as XSS and clickjacking. Mitigation of the identified vulnerabilities resulted in a substantial reduction in their severity, with a 90% decrease in Nuclei and an 80% reduction in Owasp Zap. Both tools demonstrated high accuracy and efficient scanning times, establishing them as effective solutions for enhancing security across both network and application layers. This study recommends the integration of these tools into a comprehensive cyber security strategy to safeguard system integrity and availability while addressing the continuously evolving threat landscape, in alignment with the layered security principle advocated in contemporary literature.]]>
