IMPLEMENTASI OWASP TOP 10 DALAM PENGUJIAN PENETRASI WEBSITE : MENGIDENTIFIKASI CELAH KEAMANAN DALAM SISTEM PENGELOLAAN VOTING INDONESIA

Abstract

The rapid advancement of information technology has had a major influence in every aspect of life, including in government operations. the availability of platforms such as websites can be a medium for disseminating information transparently, especially in Indonesia's democratic process, namely elections. However, this digital convenience also presents cybersecurity challenges. therefore this research focuses on identifying security gaps in the voting management system in Indonesia by conducting penetration testing based on the OWASP Top 10 2021. in conducting penetration testing, it focuses on 10 subdomains on the targeted voting management website. This research process starts from the process of scanning and testing security using various tools such as subfinder, dirsearch, nuclei, ex-param and JSRecon. thus getting the analysis results that of the 10 targets 9 of them have vulnerabilities related to the OWASP Top 10 categories, such as A01-Broken Access Control, A03-Injection, A05-Security Misconfiguration, and A06-Vulnerable and Outdated Components. Broken Access Control is the most commonly found gap, identified in 6 subdomains. this research aims to improve the security of voting management systems in Indonesia while contributing to the sustainability of a more secure digital democracy in Indonesia.