Along with the development of information technology among the wider community, information systems make it easier for people to access and search for information in the form of websites. The problem of security risk is one of the important aspects of an information system. But, security risks are somehow less priority to be considered. In the present work, a security analysis of a domain was conducted using the Open Web Application Security Project (OWASP) Zap. The research method used is literature review and observation. The literature review is used to collect relevant previous research literatures as well as relevant theories and concepts in terms of Vulnerability Analysis. The literatures are obtained from journals, books, scientific papers, and digital media such as the internet. While observation is used to determine, sort, collect, and review the data needed in the test. The results of show that several vulnerabilities on the akprind.ac.id site that can have a detrimental impact on the campus. The security system on several akprind subdomains still does not meet the CIA TRIAD security principle, namely confidentiality. The OWASP Zap tools are still good as a basis for conducting penetration testing on several sites with the akprind.ac.id domain. Because there are still some security issues that match the owasp list. It is hoped that for the IST AKPRIND web, further research needs to be carried out using the ISSAF (Information System Security Assessment Framework) method so that it can be known more deeply if there are vulnerabilities from the web server.
Read full abstract