This study analyzes security vulnerabilities and their mitigation on the crowdo.co.id website using OWASP Zed Attack Proxy (ZAP), a web application security testing tool. High-level security attacks have risen alongside advances in information technology, making vulnerability testing crucial to ensuring the integrity and security of information systems. The research involved scanning the crowdo.co.id website to identify vulnerabilities, including those listed in the OWASP Top 10. The research process encompassed active and passive scanning, analysis of the scan data, and the formulation of a mitigation strategy for each identified vulnerability. The scans produced 14 alerts on the website: 1 high-priority vulnerability, 3 medium-priority vulnerabilities, 7 low-priority vulnerabilities, and 3 additional informational alerts. The security dimensions tested included potential XSS attacks, SQL Injection, and other deficiencies that could jeopardize user data. Based on these results, the recommended mitigations include code improvements, enhanced security configurations, and the implementation of additional preventive measures. The study concludes that while the website’s security is in the medium category, further improvements are necessary to reduce vulnerability risks. Through this approach, the study provides significant contributions to enhancing web application security.
Copyrights © 2025