This research aims to determine security holes and risks that may arise in the educational institution's repository web application. The repository web application contains research data, journals, articles, and papers from lecturers and students at the institution. This web application does not yet have documentation about security holes and risks in it. It causes a sense of concern on the part of educational institutions. Therefore, it is necessary to have a security assessment to conduct a risk-oriented assessment that might occur if an attack is attempted. The Vulnerability Assessment and Penetration Testing (VAPT) method was utilized to conduct a security assessment and test educational institutions' repository web application. Several vulnerabilities found with the Nessus tool could still be exploited and resulted in findings in legal access rights when the researchers performed a test simulation on the repository web application. This research was used as a report to the educational institution, particularly as a material for the evaluation process to increase its web application security. This research was carried out within the educational institution environment. Hence, it did not fully describe the possibility of actual attacks originating from outside the educational institution environment.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.