ANALISIS KERENTANAN KEAMANAN WEBSITE DENGAN METODE NIST SP 800-115 PADA WEBSITE DISPARBUDPORA KABUPATEN PACITAN

SAPUTRA, BAYU (2025) ANALISIS KERENTANAN KEAMANAN WEBSITE DENGAN METODE NIST SP 800-115 PADA WEBSITE DISPARBUDPORA KABUPATEN PACITAN. S1 thesis, Universitas PGRI Madiun.

[img] Text
Halaman depan.pdf
Download (741kB)
[img] Text
Abstrak.pdf
Download (14kB)
[img] Text
BAB I.pdf
Download (27kB)
[img] Text
BAB II.pdf
Download (677kB)
[img] Text
BAB III.pdf
Restricted to Repository staff only
Download (257kB)
[img] Text
BAB IV.pdf
Restricted to Repository staff only
Download (2MB)
[img] Text
BAB V.pdf
Download (14kB)
[img] Text
Daftar Pustaka.pdf
Download (143kB)
[img] Text
Lampiran.pdf
Download (718kB)

Abstract

The damage to the Pacitan Regency Tourism, Culture, and Youth Office (Disparbudpora) website, which resulted in the loss of all content and the need for a system rebuild, demonstrates the weakness of its security protections. This raises the urgency of evaluating system vulnerabilities to prevent similar incidents in the future. This study aims to determine the level of website vulnerability, formulate appropriate security recommendations, and evaluate their implementation. Testing was conducted using a NIST SP 800-115-based penetration testing method with a white-box approach down to the WordPress admin dashboard level. Of the 38 findings in the discovery stage, there were 10 high-risk vulnerabilities (26.32%), such as xmlrpc.php activation, potential Blind SQL Injection, data disclosure via the REST API, and DNS configuration vulnerable to Subdomain Takeover. The remaining findings were informational but remain relevant. The average CVSS score of 6.4 indicates a moderate level of risk. Mitigation recommendations include disabling vulnerable functions, restricting REST API access, using security plugins, removing non-critical components, and strengthening HTTP headers. Most mitigations were successfully implemented through the admin dashboard, while the remainder required technical support from the administrator. The research results show that a systematic security testing approach can make a real contribution to improving website protection.

Item Type: Thesis/Skripsi/Tugas Akhir (S1)
Kata Kunci: Cybersecurity; Penetration Testing; NIST SP 800-115; CVSS; WordPress;
Subjects: T Technology > T Technology (General)
Divisions: Fakultas Teknik > Sistem Informasi
Depositing User: BAYU SAPUTRA BAYU
Date Deposited: 08 Sep 2025 04:16
Last Modified: 08 Sep 2025 04:16
URI: http://eprint.unipma.ac.id/id/eprint/4384

Actions (login required)

View Item View Item
Repository UNIPMA is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.