<![CDATA[The Personal Identification Number or KTP is prone to be stolen and used by unwanted parties, this is also a possibility for the Simpel Desa, a village administration application that also contain and use the Personal Identification Number. This study aims to detect information security vulnerabilities. This study aims to analyze security vulnerabilities in applications using MobSF and ISO 27002:2013. MobSF is used for penetration testing for malware in applications. In MobSF the Simpel Desa application is analyzed in two ways, namely static and dynamic. ISO 27002:2013 is used to map the findings of vulnerabilities and potential misuse of information so that they get accurate analysis results. The control used is domain 9 (access control) and 10 (cryptography). The results obtained in the static analysis found the existence of vulnerabilities in aspects of cryptography and permission access. The dynamic analysis found that Root Detection and Debugger Check Bypass had not been implemented. Overall, based on ISO 27002:2013 information security has not been maximally implemented. The recommendations given focus on the aspects of application permissions and access rights, user authentication, and the implementation of information security.]]>
Copyrights © 2023
