Security Analysis of the LPPM ISTN Website Through ZAP- and Nessus-Based Penetration Testing: A Case Study of the LPPM Website at the ISTN Jakarta Campus

Riadi Marta Dinata, Kosmas Pria Adi Nagara, Siti Madinah, Marhaeni Marhaeni, Veriah Hadi, Ujang Al Kaf

Abstract

The high dependence of educational institutions on online information systems makes web security a crucial issue that cannot be ignored. This research addresses security issues on the LPPM ISTN website, aiming to identify and thoroughly evaluate its potential vulnerabilities. The approach combines two main tools: OWASP ZAP for analyzing web application vulnerabilities and Nessus for IP scanning on the LPPM ISTN Web. Additionally, Metasploit, Hydra, and OpenSSL are utilized as exploitation and validation tools. The test results revealed several significant vulnerabilities, including DNS Amplification DDoS, Clickjacking loopholes, and the absence of CSRF tokens. While some exploits failed, this confirmed the effectiveness of certain security configurations already in place. Findings also indicated that many weaknesses stemmed from the use of legacy technologies and suboptimal header settings. Post-audit evaluations showed improvements on the part of developers, confirming the important role of penetration testing as an evaluative and preventative tool. This research recommends the implementation of layered defenses, periodic system updates, and intensive collaboration between development and security teams to build the institution's digital resilience.

Article Details

How to Cite
Dinata, R., Nagara, K., Madinah, S., Marhaeni, M., Hadi, V., & Al Kaf, U. (2025). Analisis Keamanan Website LPPM ISTN Melalui Pengujian Penetrasi Berbasis ZAP dan Nessus. JURNAL REKAYASA INFORMASI, 14(1), 27-37. Retrieved from https://ejournal.istn.ac.id/index.php/rekayasainformasi/article/view/2360
Section
Article
