In information technology, the internet is one of the things that is very important and useful at this time, one of which is the existence of a website. Currently the website is used by various types of activities, one of which is the XYZ Faculty. The website is used to assist students in taking care of all administrative needs needed for the process of assistant recruitment activities. Therefore, a vulnerability assessment was carried out using the VAPT method using several tools, namely OWASP ZAP, Acunetix, and NetSparker to find vulnerabilities on the website. In this test, 17 vulnerability gaps were found which were combined into 9 gaps for exploitation and mitigation. And the final result, 5 out of 8 security holes were successfully mitigated