System Security Testing Using The Penetration Testing Method on The Palapa Vocational School Library Website Introduction, Literature Review, Methodology, Results and Findings, Discussion, Conclusion

The Palapa Library utilizes its website as the primary platform for providing information and services to users. However, the presence of vulnerabilities in the website poses significant threats to data and system security. This study aims to identify and analyze vulnerabilities on the Palapa Library website using the Penetration Testing method based on the NIST SP 800-115 standard. This method involves four stages: planning, discovery, attack, and reporting. The testing results identified two major vulnerabilities: sensitive information disclosure and SQL Injection. Once the vulnerabilities were identified, their severity levels were assessed using the Common Vulnerability Scoring System (CVSS) version 3.1. CVSS provides scores for the vulnerabilities, helping prioritize remediation efforts from the highest to the lowest risk. Based on the assessment results, appropriate remediation measures were developed to enhance the security of the Palapa Library website. This study is expected to serve as a reference for preventing similar security threats in the future and assisting other institutions facing similar challenges in improving the security of their information systems.