<![CDATA[Web security is an important aspect in maintaining data integrity and confidentiality in the digital age, where cyber threats are increasingly complex and difficult to detect. This research was conducted because there are still many web systems that are vulnerable to attacks due to weak early detection of security gaps. For this reason, this study implements a combination of Nmap and Metasploit Framework as the main tools in proactively detecting and testing system vulnerabilities. The research method was carried out in three stages, namely data collection by scanning the network using Nmap to identify open ports and services, selecting the appropriate testing tools, and controlled exploitation using Metasploit on the Metasploitable2 test system. The results of the study show that Nmap is capable of mapping the attack surface in detail, while Metasploit can validate the scan results through exploitation of vulnerable services such as vsftpd 2.3.4, which successfully provided root access to the target system. The combination of these two tools has proven to be effective in conducting systematic, fast, and accurate early detection of attacks, so that it can be used as a preventive measure to improve web security from potential cyber threats.]]>
Copyrights © 2026
