Website Security Analysis Using Penetration Testing
Keywords:
Security, Website , Accuntetix, PENTESTAbstract
Websites are a vital element in the evolution of the internet, with more than 1.9 billion sites worldwide today. Their use was initially limited to personal purposes, but now almost every company has a website, such as Facebook, Apple, and BBC News. Tim Berners-Lee created the first website in the late 1980s through the World Wide Web (W3) project. Penetration Testing is an evaluation method to identify weaknesses in the security of a system, network, or web application. It involves a direct attack on the target being tested to detect and fix weaknesses. The goal is to identify potential weak points and ensure compliance with security policies. The test results using Accuntetix showed a low-level system vulnerability on the min2kotabengkulu.sch.id website, which can be considered quite safe from attacks
References
1. Aboelfotoh, S. F., & Hikal, N. A. (2019). A review of cyber-security measuring and assessment methods for modern enterprises. JOIV: International Journal on Informatics Visualization, 3(2), 157-176.
2. Aslan, Ö., Aktuğ, S. S., Ozkan-Okay, M., Yilmaz, A. A., & Akin, E. (2023). A comprehensive review of cyber security vulnerabilities, threats, attacks, and solutions. Electronics, 12(6), 1333.
3. Flavián, C., & Guinalíu, M. (2006). Consumer trust, perceived security and privacy policy: three basic elements of loyalty to a web site. Industrial management & data Systems, 106(5), 601-620.
4. Jang-Jaccard, J., & Nepal, S. (2014). A survey of emerging threats in cybersecurity. Journal of computer and system sciences, 80(5), 973-993.
5. Kaur, J., Garg, U., & Bathla, G. (2023). Detection of cross-site scripting (XSS) attacks using machine learning techniques: a review. Artificial Intelligence Review, 56(11), 12725-12769.
6. Knowles, W., Baron, A., & McGarr, T. (2016). The simulated security assessment ecosystem: Does penetration testing need standardisation?. Computers & Security, 62, 296-316.
7. Lathifah, A., Amri, F. B., & Rosidah, A. (2022, September). Security vulnerability analysis of the sharia crowdfunding website using owasp-zap. In 2022 10th International Conference on Cyber and IT Service Management (CITSM) (pp. 1-5). IEEE.
8. Mehmood, T. (2021). Does information technology competencies and fleet management practices lead to effective service delivery? Empirical evidence from e-commerce industry. International Journal of Technology, Innovation and Management (IJTIM), 1(2), 14-41.
9. Miracle, N. O. (2024). The Importance of Network Security in Protecting Sensitive Data and Information. International Journal of Research and Innovation in Applied Science, 9(6), 259-270.
10. Mirtsch, M., Kinne, J., & Blind, K. (2020). Exploring the adoption of the international information security management system standard ISO/IEC 27001: a web mining-based analysis. IEEE Transactions on Engineering Management, 68(1), 87-100.
11. Mohamed Hashim, M. A., Tlemsani, I., & Matthews, R. (2022). Higher education strategy in digital transformation. Education and Information Technologies, 27(3), 3171-3195.
12. Renaud, K., & Coles-Kemp, L. (2022). Accessible and inclusive cyber security: a nuanced and complex challenge. SN Computer Science, 3(5), 346.
13. Rodríguez, G. E., Torres, J. G., Flores, P., & Benavides, D. E. (2020). Cross-site scripting (XSS) attacks and mitigation: A survey. Computer Networks, 166, 106960.
14. Rosário, A., & Raimundo, R. (2021). Consumer marketing strategy and E-commerce in the last decade: a literature review. Journal of theoretical and applied electronic commerce research, 16(7), 3003-3024.
15. Roth, S., Barron, T., Calzavara, S., Nikiforakis, N., & Stock, B. (2020, January). Complex security policy? a longitudinal analysis of deployed content security policies. In Proceedings of the 27th Network and Distributed System Security Symposium (NDSS).
16. Sarker, K. U., Yunus, F., & Deraman, A. (2023). Penetration Taxonomy: A Systematic Review on the Penetration Process, Framework, Standards, Tools, and Scoring Methods. Sustainability, 15(13), 10471.
17. Sebrina, A. F., Junaidi, A., & Sihananto, A. N. (2024). Testing posketanmu website with google penetration testing and OWASP Top 10. Jurnal Mantik, 8(1), 636-645.
18. Shah, S., & Mehtre, B. M. (2013). A modern approach to cyber security analysis using vulnerability assessment and penetration testing. International Journal of electronics communication and computer engineering, 4(6), 47-52.
19. Stiawan, D., Idris, M. Y., Abdullah, A. H., Aljaber, F., & Budiarto, R. (2017). Cyber-Attack Penetration Test and Vulnerability Analysis. International Journal of Online Engineering, 13(1).
20. Szymkowiak, A., Melović, B., Dabić, M., Jeganathan, K., & Kundi, G. S. (2021). Information technology and Gen Z: The role of teachers, the internet, and technology in the education of young people. Technology in Society, 65, 101565.
21. Wang, D., Zhou, T., & Wang, M. (2021). Information and communication technology (ICT), digital divide and urbanization: Evidence from Chinese cities. Technology in Society, 64, 101516.
22. Weissbacher, M., Lauinger, T., & Robertson, W. (2014). Why is CSP failing? Trends and challenges in CSP adoption. In Research in Attacks, Intrusions and Defenses: 17th International Symposium, RAID 2014, Gothenburg, Sweden, September 17-19, 2014. Proceedings 17 (pp. 212-233). Springer International Publishing.
23. West, J. K. (2019). An introduction to online platforms and their role in the digital transformation. Available at SSRN 4669281.
