<![CDATA[Many studies have produced and compared the accuracy of penetration testing tools in looking for vulnerabilities in web applications. In previous studies, comparative comparisons were made about the accuracy of dynamic analysis tools for website vulnerabilities. The purpose of this research is to obtain all information on an AMIK Indonesia website and to analyze it by collecting information on execution time such as network resource usage, attacks carried out, warnings, and vulnerability results sourced from analysis tool reports. The tool used is using Subgraph Vega and OWASP Zap and looking at the comparison of the tool reports. In this way, it can be seen whether the testing carried out by the tool is efficient and meets two important aspects of the analysis tool so that the penetration testing tool can find all vulnerabilities in the web application, and can also report detected vulnerabilities. When viewed from the results of the analysis obtained, SubGraph Vega has fewer Number of vulnerabilities than OWASP ZAP which has more. Meanwhile, other types of attacks were not found to be the same from the second tool.]]>
Copyrights © 2020
