Analysis of Vulnerability Webserver Office Management of Information And Documentation Diskominfo using OWASP Scanner

Wijayanto, Agung; Utami, Ema; Prasetio, Agung Budi

doi:10.1109/icoris50180.2020.9320833

Cited by 3 publications

(1 citation statement)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…One of the frameworks used is OWASP, which is a structured framework with several steps in grouping information for security test plans for websites, assessments and verified and analyzed domain reports (31,32). This framework is for analyzing various vulnerabilities issued by the OWASP Top 10 2021 (33,34), including: Broken Access Control, Security Misconfiguration, Insecure Deserialization, Injection, Sensitive Data Exposure, XML External Entities, Broken Authentication, Cross Site Scripting, Using Components with Known Vulnerabilities, and Insufficient Logging and Monitoring.…”

Section: Introductionmentioning

confidence: 99%

Mitigation from SQL Injection Attacks on Web Server using Open Web Application Security Project Framework

Fadlil,

Riadi,

Mu’min

2024

IJE

View full text Add to dashboard Cite

SQL injection (SQLi) is one of the most common attacks against database servers and has the potential to threaten server services by utilizing SQL commands to change, delete, or falsify data. In this study, researchers tested SQLi attacks against websites using a number of tools, including Whois, SSL Scan, Nmap, Open Web Application Security Project (OWASP) Zap, and SQL Map. Then, researchers identified SQLi vulnerabilities on the tested web server. Next, researchers developed and implemented mitigation measures to protect the website from SQLi attacks. Test results using OWASP Zap identified 14 vulnerabilities, with five of them at a medium level of 35%, seven at a low level of 50%, and two at an informational level of 14%. Meanwhile, testing using SQL Map succeeded in gaining access to the database and username on the web server. The next step in this research is to provide recommendations for installing a firewall on the website as a mitigation measure to reduce the risk of SQLi attacks. The main contribution of this research is the development of a structured methodology to identify and address SQLi vulnerabilities in web servers, which play an important role in maintaining data security and integrity in a rapidly evolving online environment.

show abstract

Section: Introductionmentioning

confidence: 99%

Mitigation from SQL Injection Attacks on Web Server using Open Web Application Security Project Framework

Fadlil,

Riadi,

Mu’min

2024

IJE

View full text Add to dashboard Cite

show abstract

Optimization of Software Development Automation via CICD, Dependency Track, and AWS CodePipeline Integration

Mooduto,

Rijanto,

Pamuji

2023

2023 International Conference on Informatics Engineering, Science &Amp; Technology (INCITEST)

View full text Add to dashboard Cite

Exploring the Landscape of Website Vulnerability Scanners

Zangana

2024

Redefining Security With Cyber AI

View full text Add to dashboard Cite

This chapter provides a comprehensive analysis of web application vulnerability scanners, examining their characteristics, effectiveness, and implications for web security. Through a synthesis of findings from various studies, the chapter explores the distinctions between open-source and commercial scanners; evaluates their detection capabilities, scanning methodologies, performance, and scalability; and analyzes their accuracy and propensity for false positives. The chapter concludes with recommendations for enhancing the effectiveness and accessibility of vulnerability scanners and emphasizes the importance of continued investment in research and collaboration to address evolving security challenges.

show abstract

Analysis of Vulnerability Webserver Office Management of Information And Documentation Diskominfo using OWASP Scanner

Cited by 3 publications

References 10 publications

Mitigation from SQL Injection Attacks on Web Server using Open Web Application Security Project Framework

Mitigation from SQL Injection Attacks on Web Server using Open Web Application Security Project Framework

Optimization of Software Development Automation via CICD, Dependency Track, and AWS CodePipeline Integration

Exploring the Landscape of Website Vulnerability Scanners

Contact Info

Product

Resources

About