AUDIT DAN ANALISIS WEBSITE PEMERINTAH MENGGUNAKAN PENGUJIAN PENETRASI SQL INJECTION DAN CROSS SITE SCRIPTING (XSS)

Audit and Analysis of Government Websites Using SQL Injection and Cross-Site Scripting (XSS) Penetration Testing

  • Nugroho Agung Prasetiyo Universitas Mataram
  • Raphael Bianco Huwae Universitas Mataram
  • Andy Hidayat Jatmika Universitas Mataram
Keywords: Cybersecurity, Penetration Testing, SQL Injection, Cross Site Scripting, OWASP Top 10

Abstract

This study aims to analyze the security of government websites, focusing on vulnerabilities caused by SQL Injection and Cross Site Scripting (XSS) attacks. In accordance with Presidential Instruction No. 3 of 2003 on National Policy and Strategy for E-Government Development, government agencies are required to provide digital services through official websites. However, this increase in digitalization presents challenges in the context of cybersecurity. The research applies penetration testing methods to several government websites in East Java, using the OWASP Top 10 as the primary guide. The results reveal that many government websites are vulnerable to SQL Injection and XSS attacks, which could lead to data theft and information manipulation. Recommendations for enhancing security include implementing input validation techniques and regularly updating software. This research contributes to raising cybersecurity awareness in the governmental sector.

Published
2024-09-30