PENGUJIAN CELAH KEAMANAN WEBSITE MENGGUNAKAN TEKNIK PENETRATION TESTING DENGAN METODE OWASP (STUDI KASUS : WEBSITE RAPOR ONLINE SMP MUHAMMADIYAH 1 MALANG)

Along with technological advances, the importance of security for a website is the main thing because if security is ignored, it allows data theft or changes the appearance of a website. This research aims to test the security gap on the Online Report Card website of SMP Muhammadiyah 1 Malang using penetration testing techniques with the OWASP TOP 10 method. Researchers detect security gaps using the OWASP TOP 10 version 2021 method on the target website. After detection, then test the vulnerabilities that have been found, whether the vulnerabilities found can be exploited or not. Researchers tried to conduct further tests because it was confirmed that the error message referred to the SQL Injection vulnerability, researchers tried to dump the database and related information on the MySQL service. There is a Security Misconfiguration vulnerability in the system that can be accessed, in this case the lack of handlers in the system configuration has an impact on errors in the system when making requests. Overall, a systematic process of identifying assets, detecting vulnerabilities, and testing exploits based on previous results was conducted. The main findings are included in the OWASP Top 10 category so they need attention for system security improvements.