<![CDATA[Currently, the internet has evolved into a source of information across various fields and demographics, making it easily accessible to many people. SQL injection and XSS payloads are among the most common types. The objective of this research is to detect the level of vulnerability of security gaps found and provide recommendations to the host for mitigating those risks. This research is qualitative in nature, focused on detecting the security gap levels on the Hotel Embryo website. The study uses vulnerability evaluation and penetration testing methods, with a manual penetration testing approach targeting specific URLs and vulnerability scanning using the Xspear tool. The research stages begin with gathering information from relevant sources through case studies and literature reviews of scientific articles, software and tools installation, followed by the core phase, which involves exploitation through pentest techniques and documenting the analysis results of the vulnerabilities found. The research subject is the Hotel Embryo website, and the research object is the security vulnerabilities detected on the website. Our findings identified a parameter in the room menu of the Hotel Embryo website, where 10 vulnerabilities with a HIGH status were discovered, posing significant risks, particularly to important data such as administrative information, personal data, institutional details, and more, which could be hacked and misused by cyber attackers.]]>
Copyrights © 2024
