ANALISIS KEAMANAN PADA WEBSITE FORUM ASISTEN UNIVERSITAS AMIKOM PURWOKERTO MENGGUNAKAN METODE OWASP WEB SECURITY TESTING GUIDE

Security Analysis on the Assistant Forum Website at Amikom Purwokerto University Using the OWASP Web Security Testing Guide Method. The purpose of this study is to test the security level of the Assistant Forum using the Web Security Testing Guide (WSTG) method, it is hoped that testing the security level can provide an overview security level on the Amikom Purwokerto University Assistant Forum website. This research only discusses the Web Security Testing Guide (WTSG) method. The WSTG testing stages carried out were only Information Gathering, Configuration and Deployment Management Testing, Session Management Testing, Input Validation Testing, Testing For Weak Cryptography and Client Side Testing. The method used in this study is the Web Security Testing Guide. The results of the tests that have been carried out found that the Forum Assistant website has several security holes that could endanger the security of the website. It is necessary to immediately take preventive action earlier and on average the possibility of security vulnerabilities found is intended to carry out an analysis step to focus on test points where there are security vulnerabilities. The OWASP WSTG v4.2 method is suitable as a reference in conducting Penetration Testing on the Amikom Purwokerto University Assistant Forum website. This can be seen from the results of testing and analysis which show that the Amikom Purwokerto University Assistant Forum website has weaknesses that can be exploited by the Amikom Purwokerto University Assistant Forum website after security testing is carried out based on the OWASP WSTG v4.2 document. System security on the Amikom Purwokerto University Assistant Forum website still does not meet the CIA security principles (Confidentiality, Integrity, and Availability). This can be seen from several security holes after penetration testing.