<![CDATA[Advances in internet technology pose major challenges in maintaining website security against various cyber threats. This Systematic Literature Review (SLR) aims to identify and analyze the methods and tools used in website security testing with a focus on penetration testing. This study was conducted by screening 1,911,363 initial articles obtained from various academic repositories, such as IEEE Xplore, Springer Link, Crossref, Semantic, and Google Scholar, resulting in 32 articles that met the inclusion criteria based on their relevance and quality. The results of the study show that the penetration testing approach is dominated by various security frameworks, including OWASP, ISSAF, OSSTMM, and PTES, which are used to evaluate and strengthen web system security. In addition, this study reveals that tools such as Acunetix, Nmap, Metasploit, Burp Suite, and SQLmap are often used to detect and exploit security vulnerabilities. Several studies also highlight the integration of machine learning technology in detecting attacks such as SQL Injection and Cross-Site Scripting (XSS), which indicates a new trend in website security testing. The conclusion of this study emphasizes the need for a more adaptive approach to penetration testing, combining automation techniques and manual analysis to improve the effectiveness of threat detection and mitigation. The results of this study can serve as a reference for academics and cybersecurity practitioners in choosing the optimal strategy to secure website systems from evolving threats.]]>
Copyrights © 2025
