Analisis Vulnerability Sistem Manajemen Tugas Akhir (Simanta) Universitas Muhammadiyah Malang

Academic website security is an action and practice implemented to protect websites related to educational institutions, such as universities or schools, from various threats and attacks. A system that can assist the process of implementing the Final Assignment (TA) preparation activities by students starting from the registration process to the graduation or graduation process. This study aims to provide information to related web institutions to further improve security aspects so that data leakage does not occur. This study uses the penetration testing method as well as to measure the level of security from the highest to the lowest with OWASP Top 10. The results of this study are in the form of reporting or reports that have been analyzed regarding the vulnerabilities found. The results found in vulnerability scanning with the nessus tool amounted to 34 vulnerabilities, OWASP ZAP amounted to 19 which were categorized into 4, namely critical, high, medium, low, and info. In the penetration testing attack carried out in the form of hidden files that are open to the public.