The current development of technology is progressing rapidly in line with the ease of accessing information through various means, whether through mobile applications or websites. This convenience has had a significant impact on various industries, governments, and educational institutions that utilize websites as information support for learning and teaching activities, including at XYZ Faculty. The website is used to manage student activities in Internship and Community Service (ICS). In previous research, vulnerability assessment was conducted to identify vulnerabilities on the website; however, no mitigation was implemented for the vulnerabilities found. Therefore, security mitigation is needed to address the risks associated with these vulnerabilities. The method used in this process is Vulnerability Assessment and Penetration Testing (VAPT) with gray box testing techniques, as well as the tools Burp Suite, Acunetix, and Nessus. Vulnerability analysis was performed on the identified vulnerabilities on the website to determine a list of vulnerabilities for further exploitation. Through testing on this ICS website, nine vulnerabilities were found, including one high-level vulnerability, four medium-level vulnerabilities, and four low-level vulnerabilities. These vulnerabilities were then mitigated, and the results showed that four out of the nine vulnerabilities were successfully mitigated, improving the website's security compared to before.
Copyrights © 2023