Analisis Keamanan Sistem Informasi Website SMA Negeri 1 Sokaraja Menggunakan Metode Penetration Testing Execution Standard (PTES)

Abstract

Technological developments in the world continue to advance along with current developments. It is also in line with the development of the internet today, where users are increasingly increasing. That way, it will be very vulnerable to hacker attacks. An attack that is often used by hackers to break into a database using SQL Injection techniques. SQL Injection is a hacking technique used to enter or infiltrate a website's database system, which aims to find out the contents of the database and the information contained on the site. In this research, researchers used the Penetration Testing Execution Standard (PTES) method to analyze vulnerabilities and also penetrate the SMA Negeri 1 Sokaraja website. The Penetraton Testing Execution Standard (PTES) method has 7 stages. The results of the security analysis of the SMA Negeri 1 Sokaraja website, found 11 vulnerabilities which were successfully scanned using the OWASP ZAP tool. Of the 11 vulnerabilities that were successfully scanned, there was 1 vulnerability that had the highest risk. This vulnerability is found in SQL Injection attacks. In this study, researchers managed to enter the MySQL database system of the SMA Negeri 1 Sokaraja website using the SQL Injection attack technique. In the SMA Negeri 1 Sokaraja website database, researchers managed to find important data such as the SMA Negeri 1 Sokaraja website admin username and password.