Cite Article

Vulnerability Assessment and Penetration Testing (VAPT) Framework: Case Study of Government’s Website

Choose citation format

BibTeX

@article{IJASEIT8862,
   author = {Ahmad Almaarif and Muharman Lubis},
   title = {Vulnerability Assessment and Penetration Testing (VAPT) Framework: Case Study of Government’s Website},
   journal = {International Journal on Advanced Science, Engineering and Information Technology},
   volume = {10},
   number = {5},
   year = {2020},
   pages = {1874--1880},
   keywords = {vulnerability; threat; pen test; network security; assessment.},
   abstract = {Information security often neglected by individual or employee or even by the enterprise, with there is no proper strategy to raise awareness, promote consistency and maintain performance regarding protect sensitive, confidential, and critical data. One of the common techniques used is a vulnerability assessment and penetration testing (VAPT) to assure the security strategy has been implemented into the computer system by analyzing both its strength and weakness. SQL plays an essential role in the Relation Database Management System (RDBMS) and its relationship to the existence of a website and its flexible operation because of its simplicity and integrity. To anticipate these types of threats or other Internet attacks, a goal-oriented penetration test that has a framework is recommended to identify specific types of vulnerabilities that lead to business concessions and to avoid the risks that adversely affect the enterprise Thus. This study conducts VAPT to uncover the possibility of threats and evaluate the potential impact to be reported to the system owner through a proper engagement framework that allows systematic measurement. Government websites have been identified for this purpose of the research to show the current trend that occurred in cyber communities, especially in Indonesia. This study has found various vulnerabilities lies in the directory listing, full path disclosure, PHP info disclosure, folder webserver disclosure, and other potential threats, which present 2 (two) critical, 6 (six) medium, and 2 (two) low level of risk.},
   issn = {2088-5334},
   publisher = {INSIGHT - Indonesian Society for Knowledge and Human Development},
   url = {http://ijaseit.insightsociety.org/index.php?option=com_content&view=article&id=9&Itemid=1&article_id=8862},
   doi = {10.18517/ijaseit.10.5.8862}
}

EndNote

%A Almaarif, Ahmad
%A Lubis, Muharman
%D 2020
%T Vulnerability Assessment and Penetration Testing (VAPT) Framework: Case Study of Government’s Website
%B 2020
%9 vulnerability; threat; pen test; network security; assessment.
%! Vulnerability Assessment and Penetration Testing (VAPT) Framework: Case Study of Government’s Website
%K vulnerability; threat; pen test; network security; assessment.
%X Information security often neglected by individual or employee or even by the enterprise, with there is no proper strategy to raise awareness, promote consistency and maintain performance regarding protect sensitive, confidential, and critical data. One of the common techniques used is a vulnerability assessment and penetration testing (VAPT) to assure the security strategy has been implemented into the computer system by analyzing both its strength and weakness. SQL plays an essential role in the Relation Database Management System (RDBMS) and its relationship to the existence of a website and its flexible operation because of its simplicity and integrity. To anticipate these types of threats or other Internet attacks, a goal-oriented penetration test that has a framework is recommended to identify specific types of vulnerabilities that lead to business concessions and to avoid the risks that adversely affect the enterprise Thus. This study conducts VAPT to uncover the possibility of threats and evaluate the potential impact to be reported to the system owner through a proper engagement framework that allows systematic measurement. Government websites have been identified for this purpose of the research to show the current trend that occurred in cyber communities, especially in Indonesia. This study has found various vulnerabilities lies in the directory listing, full path disclosure, PHP info disclosure, folder webserver disclosure, and other potential threats, which present 2 (two) critical, 6 (six) medium, and 2 (two) low level of risk.
%U http://ijaseit.insightsociety.org/index.php?option=com_content&view=article&id=9&Itemid=1&article_id=8862
%R doi:10.18517/ijaseit.10.5.8862
%J International Journal on Advanced Science, Engineering and Information Technology
%V 10
%N 5
%@ 2088-5334

IEEE

Ahmad Almaarif and Muharman Lubis,"Vulnerability Assessment and Penetration Testing (VAPT) Framework: Case Study of Government’s Website," International Journal on Advanced Science, Engineering and Information Technology, vol. 10, no. 5, pp. 1874-1880, 2020. [Online]. Available: http://dx.doi.org/10.18517/ijaseit.10.5.8862.

RefMan/ProCite (RIS)

TY  - JOUR
AU  - Almaarif, Ahmad
AU  - Lubis, Muharman
PY  - 2020
TI  - Vulnerability Assessment and Penetration Testing (VAPT) Framework: Case Study of Government’s Website
JF  - International Journal on Advanced Science, Engineering and Information Technology; Vol. 10 (2020) No. 5
Y2  - 2020
SP  - 1874
EP  - 1880
SN  - 2088-5334
PB  - INSIGHT - Indonesian Society for Knowledge and Human Development
KW  - vulnerability; threat; pen test; network security; assessment.
N2  - Information security often neglected by individual or employee or even by the enterprise, with there is no proper strategy to raise awareness, promote consistency and maintain performance regarding protect sensitive, confidential, and critical data. One of the common techniques used is a vulnerability assessment and penetration testing (VAPT) to assure the security strategy has been implemented into the computer system by analyzing both its strength and weakness. SQL plays an essential role in the Relation Database Management System (RDBMS) and its relationship to the existence of a website and its flexible operation because of its simplicity and integrity. To anticipate these types of threats or other Internet attacks, a goal-oriented penetration test that has a framework is recommended to identify specific types of vulnerabilities that lead to business concessions and to avoid the risks that adversely affect the enterprise Thus. This study conducts VAPT to uncover the possibility of threats and evaluate the potential impact to be reported to the system owner through a proper engagement framework that allows systematic measurement. Government websites have been identified for this purpose of the research to show the current trend that occurred in cyber communities, especially in Indonesia. This study has found various vulnerabilities lies in the directory listing, full path disclosure, PHP info disclosure, folder webserver disclosure, and other potential threats, which present 2 (two) critical, 6 (six) medium, and 2 (two) low level of risk.
UR  - http://ijaseit.insightsociety.org/index.php?option=com_content&view=article&id=9&Itemid=1&article_id=8862
DO  - 10.18517/ijaseit.10.5.8862

RefWorks

RT Journal Article
ID 8862
A1 Almaarif, Ahmad
A1 Lubis, Muharman
T1 Vulnerability Assessment and Penetration Testing (VAPT) Framework: Case Study of Government’s Website
JF International Journal on Advanced Science, Engineering and Information Technology
VO 10
IS 5
YR 2020
SP 1874
OP 1880
SN 2088-5334
PB INSIGHT - Indonesian Society for Knowledge and Human Development
K1 vulnerability; threat; pen test; network security; assessment.
AB Information security often neglected by individual or employee or even by the enterprise, with there is no proper strategy to raise awareness, promote consistency and maintain performance regarding protect sensitive, confidential, and critical data. One of the common techniques used is a vulnerability assessment and penetration testing (VAPT) to assure the security strategy has been implemented into the computer system by analyzing both its strength and weakness. SQL plays an essential role in the Relation Database Management System (RDBMS) and its relationship to the existence of a website and its flexible operation because of its simplicity and integrity. To anticipate these types of threats or other Internet attacks, a goal-oriented penetration test that has a framework is recommended to identify specific types of vulnerabilities that lead to business concessions and to avoid the risks that adversely affect the enterprise Thus. This study conducts VAPT to uncover the possibility of threats and evaluate the potential impact to be reported to the system owner through a proper engagement framework that allows systematic measurement. Government websites have been identified for this purpose of the research to show the current trend that occurred in cyber communities, especially in Indonesia. This study has found various vulnerabilities lies in the directory listing, full path disclosure, PHP info disclosure, folder webserver disclosure, and other potential threats, which present 2 (two) critical, 6 (six) medium, and 2 (two) low level of risk.
LK http://ijaseit.insightsociety.org/index.php?option=com_content&view=article&id=9&Itemid=1&article_id=8862
DO  - 10.18517/ijaseit.10.5.8862