BibTex Citation Data :
@article{GT46828, author = {Arkhan Subari and Saiful Manan and Eko Ariyanto and Adnan Fauzi}, title = {PEMANFAATAN METODE WAVS (WEB APPLICATION SECURITY SCANNERS) MENGGUNAKAN BURP SUITE TOOLS DALAM AUDIT TEKNIS KEAMANAN SISTEM INFORMASI SURAT TUGAS SEKOLAH VOKASI UNDIP}, journal = {Gema Teknologi}, volume = {21}, number = {4}, year = {2022}, keywords = {technical audit; information security; WAVs (Web Application Security Scanners); bruteforce; Burpsuite;}, abstract = { An official travel assignment letter is a type of assignment letter needed by an employee in carrying out work assignments. In many ways, the assignment letter information system is built based on web-programming. In web-programming there are two methods to send data from client to server. The two methods are the POST method and the GET method. Information security is an important aspect that needs to be considered in design a information system. There are many attacker spying data on information system daily. Usually the attacker uses the loopholes in the data transmission method to attack the system. There are many techniques used to attack information systems likes WAVs (Web Application Security Scanners). WAVs is a program that is used to find security holes in web-based information systems using several methods, such as XSS, SQL Injection, Intercept and Bruteforce. One program that can be used is Burp Suite. Burp Suite is often used by security auditors, researchers, and testers for analysis of different systems. Burp's core functionality is to intercept and display HTTP requests in a structured manner. The Vocational School of Diponegoro University has developed an information system that is used to manage this assignment letter. The information system is design using a web-based application. However, the system has never been technically audited on its security level. Therefore, it is necessary to audit the information system security techniques so that the level of information system security can be ascertained and corrective steps can be taken if there are security holes found. This study is intended to conduct a technical audit of the security of the UNDIP Vocational School assignment letter information system. The audit was conducted using the WAVs (Web Application Security Scanners) method with the Burp Suite application. The results of the brutefoce test using Burpsuite showed that there was no suitable password. However, the fact that an attacker can attack 30,0006 times is a weakness that needs to be fixed. }, issn = {2656-582X}, doi = {10.14710/gt.v21i4.46828}, url = {https://ejournal.undip.ac.id/index.php/gema_teknologi/article/view/46828} }
Refworks Citation Data :
Article Metrics:
Last update:
Last update: 2024-11-21 14:00:38
The Authors submitting a manuscript do so on the understanding that if accepted for publication, copyright of the article shall be assigned to Gema Teknologi Journal and Vocational School of Diponegoro University as the publisher of the journal. Copyright encompasses rights to reproduce and deliver the article in all form and media, including reprints, photographs, microfilms, and any other similar reproductions, as well as translations.
Gema Teknologi Journal, Vocational School of Diponegoro University and the Editors make every effort to ensure that no wrong or misleading data, opinions or statements be published in the journal. In any way, the contents of the articles and advertisements published in Gema Teknologi Journal are sole and responsibility of their respective authors and advertisers.