<![CDATA[Information security is a very important aspect in maintaining the confidentiality, integrity and availability of data on a system, especially on websites that are vulnerable to various cyber threats. This research aims to test website vulnerabilities using the penetration testing method by referring to the NIST SP 800-115 standard. The case study used in this research is the astonprinter.com website. The penetration testing method applied in this research follows the NIST SP 800-115 guidelines which include the Planning, Discovery, Attacking and Reporting stages. The results of the research show that the astonprinter.com website has 20 vulnerabilities that can be exploited, with details of 2 vulnerabilities which are in the high threat level, namely DNS Server Spoofed Request Amplification Ddos and Path Traversal, then it has 7 vulnerabilities which are in the medium threat level, including DNS Server Chace Snooping Remote Information Disclosure and Vulnerable Js Library and 11 vulnerabilities that are in the low threat level including ICMP Timestamp Request Remote Date Disclosure, SSH Server CBC Mode Ciphers Enabled, , Cookie No HttpOnly Flag and Cookie without SameSite Attribute. These findings can provide valuable insight for website managers in strengthening security systems and reducing the risk of cyber attacks in the future.]]>
Copyrights © 2024
