ANALISIS KERENTANAN WEBSITE DI LINGKUNGAN UNIVERSITAS MATARAM MENGGUNAKAN OWASP ZAP

Abstract

Currently, websites have become an integral component in various sectors of life, including business, entertainment, and education. Universitas Mataram (UNRAM), as one of the leading universities in the West Nusa Tenggara Province, utilizes a website as the main platform to convey information related to university programs and activities. However, with the rapid development of information technology, the vulnerability level to website security within the UNRAM environment has also increased. This research specifically focuses on vulnerability analysis on several subdomains within the UNRAM environment using the Open Web Application Security Project (OWASP) method. The analytical approach involves scanning subdomains using OWASP ZAP, identifying security vulnerabilities, and providing recommendations for corrective actions in accordance with the OWASP vulnerability list. The research results indicate that out of a total of 108 identified vulnerabilities across all tested subdomains, only 50,92% can be classified as valid vulnerabilities after the verification process. Each subdomain, such as SIA, SPI, FEB, FT, and PSTI, has different vulnerability levels, with verified vulnerability percentages of 71.43%, 45.45%, 75%, 77.78%, and 56.25%, respectively. Improvement recommendations include implementing Anti-CSRF tokens, SameSite attributes on cookies, proper server configuration, component updates such as Bootstrap, jQuery, and Chart.js, and enhancing cryptographic security measures.