Jurnal Teknologi Komputer dan Sistem Informasi
Vol 5, No 2 (2022): JTKSI (Jurnal Teknologi Komputer dan Sistem Informasi)

Vulnerability Analysis And Proven On The neonime.co Website using OWASP Zap 4 and XSpear

Muhammad Alfarizi (Program Studi Teknik Informatika, Institut Teknologi Sumatera)
Muhammad Najie K (Program Studi Teknik Informatika, Institut Teknologi Sumatera)
Muhammad Afif H (Program Studi Teknik Informatika, Institut Teknologi Sumatera)
Ilham Firman Ashari (Program Studi Teknik Informatika, Institut Teknologi Sumatera)



Article Info

Publish Date
01 May 2022

Abstract

A website, or what is often also called the Web, can be understood as a collection of pages that display information such as text, data, and images. Computer network security is one of the most important and fundamental aspects of a system. Because the web is very easy to use, especially for reading content such as comics, security measures are needed so that web applications can be protected from harassment or hacker attacks such as Cross-Site Scripting (XSS). This experiment was conducted to determine the vulnerabilities of a comic web application by means of a self-test using the ZAP and XSpear tools. The test is carried out to secure the application and is used as a follow-up recommendation in securing the Smart Payment application. The experiment found vulnerabilities in the comic reading website neonime.co. The vulnerabilities found were Cross-Domain Misconfiguration, X-Frame-Options Header Not Set, Absence of Anti-CSRF Tokens, Cookie No HttpOnly Flag, Cookie without SameSite Attribute, Cross-Domain JavaScript Source File Inclusion, Incomplete or No Cache-control Header Set, Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s), and Timestamp Disclosure - Unix. In addition to identifying the vulnerabilities of the comic web application, solutions are also provided to overcome vulnerabilities in the Smart Payment application.

Copyrights © 2022






Journal Info

Abbrev

jtksi

Subject

Computer Science & IT

Description

The journal JTKSI is a peer-reviewed scientific journal published by STMIK Pringsewu Lampung. It receives articles in information technology and publishes research articles, literature review articles, case reports and concept or policy articles in all areas, such as Geographical ...