Article Per Year (5 Year)
p-Index From 2020 - 2025
0.23
P-Index
This Author published in this journals
All Journal Applied Information Technology and Computer Science (AICOMS)
Fahrul Reza, Mochamad
Unknown Affiliation
Computer Science & IT

Published : 1 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search

 1 
Penerapan Penetration Testing pada Sistem EasyCart dalam Menghadapi Ancaman Keamanan Siber Fahrul Reza, Mochamad; Sutanto, Imam
Applied Information Technology and Computer Science (AICOMS) Vol 4 No 2 (2025)
Publisher : Pengelola Jurnal Politeknik Negeri Ketapang

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.58466/aicoms.v4i2.1937

Abstract

Information security in e-commerce applications is a crucial aspect in maintaining the integrity, confidentiality, and availability of user data. The method used is penetration testing with a black-box and grey-box approach, referring to the Penetration Testing Execution Standard (PTES) and the OWASP Top 10 framework for 2021. The testing was conducted through the seven PTES phases: Pre-engagement Interactions, Intelligence Gathering, Threat Modeling, Vulnerability Analysis, Exploitation, Post-Exploitation, and Reporting. The testing environment was run locally using tools such as Burp Suite, OWASP ZAP, Nikto, SQLMap, and Nmap. The testing results identified 20 vulnerabilities with high, medium, and low risk levels, including Cross-Site Scripting (XSS), SQL Injection, Broken Access Control, and Security Misconfiguration. Mitigation recommendations are based on ISO/IEC 27001:2022 controls, specifically Annex A.5 (information security policy), A.8 (asset management), and A.12 (operational security). This research contributes to the understanding and application of standards-based security testing in simulation applications, while emphasizing the importance of input validation, secure system configuration, and regular updates as mitigation measures against cyber threats.
Co-Authors Sutanto, Imam