Evaluasi Kinerja Software Web Penetration Testing

Munirul Ula

doi:10.29103/techsi.v11i3.1996

Evaluasi Kinerja Software Web Penetration Testing

Authors

Munirul Ula Universitas Malikussleh

DOI:

https://doi.org/10.29103/techsi.v11i3.1996

Abstract

Website sudah menjadi bagian penting dalam setiap aspek kehidupan kita sehari-hari. Dari belanja online hingga bersosialisasi, semuanya tersedia dalam satu klik melalui gatget. Setiap website adalah unik dengan caranya sendiri, mulai dari coding hingga eksekusi, tetapi secara umum di setiap website terdapat celah keamanan yang memudahkan tersusupi oleh para hacker. Oleh karena itu perlu dilakukan scanning celah keamanan yang ada pada sebuah website. Dalam artikel ini, berbagai macam program pendeteksi celah keamanan aplikasi website telah diperiksa dan dievaluasi secara terperinci untuk mengetahui program scanner mana yang paling cocok digunakan untuk mendeteksi kelemahan keamanan sebuah website. Program-program scanner keamanan tersebut memberikan informasi tentang cara melakukan berbagai skenario serangan terhadap website sampel. Artikel ini juga menunjukkan kelebihan dan kekurangan kinerja dari program yang diuji.

Author Biography

Munirul Ula, Universitas Malikussleh

Dosen Sistem Informasi, Universitas Malikussaleh

References

Fortune Turkey, Diakses tanggal 20 Agustus 2019 dari: http://www.fortuneturkey.com/fotohaber/dunyanin-en-degerli-markalari-2017-42674.

Jeremiah Grossman, 2005, The Five Myths of Web Application Security, WhiteHat Security, Inc,

Prescatore, John, Gartner, Computerworl, 25 Åžubat 2005, [Online]. Diakses pada 20 August 2019 dari http://www.computerworld.com/printthis/2005/0,4814,99981,00.html.

G. McGraw, 2006, Software Security: Building Security, Addison-Wesley Software Security Series,

Web Application Security Consortium Glossary, [Online]. Diakases pada 20 August 2019: dari: http://www.webappsec.org/projects/glossary/.

Jody Melbourne ve David Jorm, 2003. Penetration Test for Web Applications, SecurityFocus,

Web Application Security Consortium, "Threat Classification", [Online]. Diakses pada 20 Agustus 2019: dari http://www.webappsec.org/projects/threat/.

OWASP, "OWASP Top 10 Most Critical Web Application Security Risks", [Online]. Diakses pada 20 August 2019: http://www.owasp.org/index.php/OWASP_Top_Ten_Project.

Common Weakness Enumeration: CWE, MITRE, Diakses pada 20 Agustus 2019: dari http://cve.mitre.org/cwe/.

Netsparker, Web Application Security Scanner, Diakses pada 20 Agustus 2019: dari https://www.netsparker.com/.

Acunetix, Web Site Security, Diakses pada 20 Agustus 2019: dari https://www.acunetix.com/.

Vega, Vulnerability Scanner Diakses pada 20 Agustus 2019: dari, https://subgraph.com/vega/index.fr.html.

OWASP ZAP, Zed Attack Proxy, Diakses pada 20 Agustus 2019: dari https://www.owasp.org/index.php/OWASP_Zed_ Attack_Proxy_Project.

Wapiti, Web Vulnerability Scanner, Diakses pada 20 Agustus 2019: dari http://wapiti.sourceforge.net/.

IronWASP, Application Security Scanner, Diakses pada 20 Agustus 2019: dari https://www.utest.com/tools/ironwasp.

Downloads

PDF (Bahasa Indonesia)

Published

2019-10-28

Issue

Vol. 11 No. 3 (2019)

Section

Articles

License

Authors retain copyright and grant the journal right of first publication and this work is licensed under a Creative Commons Attribution-ShareAlike 4.0 that allows others to share the work with an acknowledgement of the works authorship and initial publication in this journal.

All articles in this journal may be disseminated by listing valid sources and the title of the article should not be omitted. The content of the article is liable to the author.

Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.

Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.

In the dissemination of articles by the author must declare the TECHSI Journal as the first party to publish the article.

Evaluasi Kinerja Software Web Penetration Testing

Authors

DOI:

Abstract

Author Biography

Munirul Ula, Universitas Malikussleh

References

Downloads

Published

Issue

Section

License

Menu Kanan

Developed By

Language

Icon Icon