Jurnal Mantik
Vol. 8 No. 1 (2024): May: Manajemen, Teknologi Informatika dan Komunikasi (Mantik)

Testing Posketanmu website with Google penetration testing and OWASP Top 10

Sebrina, Aida Fitriya (Unknown)
Junaidi, Achmad (Unknown)
Sihananto, Andreas Nugroho (Unknown)



Article Info

Publish Date
30 May 2024

Abstract

Data integrity has become vital in the quickly evolving digital era, making cybersecurity a critical concern. Cybersecurity is crucial for systems such as the Posketanmu website in Mojokerto Regency, as it is responsible for safeguarding sensitive personal information. The objective of this research is to detect, evaluate, and exploit any security weaknesses present on the Posketanmu website. The methodology combines the Google Penetration Testing strategy with the latest OWASP Top 10 2021 criteria. The penetration testing procedure comprises five distinct steps. First, collecting data and understanding the platform using several programs such as Nmap, Nslookup, Wappalyzer, Whatweb, Whois, and Google Hacking. Second, using ZAP to perform vulnerability scanning, resulting in thorough reports. Third, performing a vulnerability assessment, which involves manual testing and classification according to OWASP standards. Fourth, effectively exploiting all eleven identified vulnerabilities. Finally, adhering to the OWASP Top 10 2021 standards by documenting, reporting, and suggesting solutions for any identified issues. This investigation found and resolved four significant security vulnerabilities on the Posketanmu website: stored XSS, unset CSP header, unset Strict-Transport-Security header, and open redirect. The implementation of Google Penetration Testing and adherence to the OWASP Top 10 2021 criteria have greatly improved the security of the Posketanmu website, ensuring the protection of Mojokerto Regency citizens' data.

Copyrights © 2024






Journal Info

Abbrev

mantik

Publisher

Subject

Computer Science & IT; Economics, Econometrics & Finance; Language, Linguistic, Communication & Media

Description

Jurnal Mantik (Manajemen, Teknologi Informatika dan Komunikasi) is a scientific journal in information systems/informati containing the scientific literature on studies of pure and applied research in information systems/information technology, Computer Science and management science and public ...