<![CDATA[The increasing use of websites in various aspects of daily life has led to an urgent need to ensure the security of the information presented. One of the significant threats in website security is Cross-Site Scripting (XSS), where an attacker inserts malicious code into a web page to be executed by the user. This research aims to apply penetration testing techniques as a method to detect and resolve XSS vulnerabilities in website development. The research was conducted through three stages: installation of software to support penetration testing, execution of penetration testing using OWASP ZAP to identify vulnerabilities, and evaluation and implementation of solutions to address the vulnerabilities found. The results show that the implementation of the htmlspecialchars function in PHP is effective in preventing the execution of malicious scripts, thereby reducing the risk of XSS attacks. In addition, penetration testing techniques proved to be an effective method in identifying and mitigating security risks in web applications. Thus, this research emphasizes the importance of thorough security testing and implementation of appropriate preventive measures to maintain the integrity and user trust of web applications.]]>
Copyrights © 2024
