The development of information technology has had a positive impact on various fields, including the field of web technology. Information technology has now become a necessity in improving the performance of organizations and educational institutions in achieving goals. Websites are a tool for institutions to promote to the general public. The https://kekampus.umri.ac.id/ website is an information system owned by the Umri campus which is used for PKKMB and Umri Masters, as a website that functions in storing data, it is necessary to increase security to prevent hacker attacks, there are several methods used, one of which is The ISSAF framework is a penetration testing standard used to test the resilience of websites. The aim of this research is to determine the security gaps of the https://kekampus.umri.ac.id/ website by using the penetration testing method with the ISSAF Framework. The ISSAF framework includes nine test assessments which include Information Gathering, Network Mapping, Vulnerability Identification, Penetration, Gaining Access and Privilege Escalation, Enumerating Further, Compromising Remote Users/Sites, Maintaining Access, and Covering Tracks. In this study, examiners only carried out four stages of the nine stages in the ISSAF framework. This research uses a black box strategy where testers are only given access to the target website domain. This research was conducted because of the problems that often occur in gacor slots in one of UMRI's information systems. The results of the analysis carried out found that there were several vulnerabilities that were lacking on the website, namely SQL injection attacks, cross JavaScript, cookie secure flags on the https://kekampus.umri.ac.id/ website. and provide suggestions or recommendations to improve security on the https://kekampus.umri.ac.id/ website.
Copyrights © 2023