J, Rizky Rachman
Unknown Affiliation


PENETRATION TESTING OF A COMPUTERIZED PSYCHOLOGICAL ASSESSMENT WEBSITE USING SEVEN ATTACK VECTORS FOR CORPORATION WEBSITE SECURITY
J, Rizky Rachman; Patty, Jonathan Suara
Jurnal Teknik Informatika (Jutif) Vol. 5 No. 3 (2024): JUTIF Volume 5, Number 3, June 2024
Publisher : Informatika, Universitas Jenderal Soedirman

DOI: 10.52436/1.jutif.2024.5.3.1731

Abstract

Websites, being dynamic platforms, undergo regular updates and continuous usage. Consequently, the methods employed in website attacks evolve in tandem with the security measures implemented in website systems, aiming to exploit both the website itself and its users. Website systems and features must remain prepared for potential future attacks at all times. To ensure this, penetration testing needs to be done consistently to keep up with security standards. This research aims to demonstrate the various vulnerabilities that can be found through penetration testing in order to create recommendations on what to improve within a website. The research involves black box penetration testing of a computerized psychological testing website developed by PT Dwi Purwa Teknologi, hereinafter referred to as the client. The penetration testing simulated attacks by a foreign entity unfamiliar with the website's structure. The assessment focused on seven attack vectors: SQL injection, RCE, URL manipulation, CSRF, SSRF, XSS, and Broken Authentication and Session. Vulnerabilities resulted from poorly sanitized input forms, leading to SQL injection and RCE risks. Inadequate input validation enabled cross-site scripting attacks, while missing CSRF tokens exposed the website to CSRF threats. The research underscores the importance of penetration testing to identify and address security weaknesses, empowering the client to fortify their website against potential cyber threats.