PENERAPAN ZERO ENTRY HACKING DIDALAM SECURITY MISCONFIGURATION PADA VAPT (VULNERABILITY ASSESSMENT AND PENETRATION TESTING)

Rama Sahtyawan

Abstract


Serangan terhadap sistem komputer dari waktu ke waktu semakin meningkat dan semakin canggih. Perusahaan dituntut untuk memastikan Cyber Security yang aman untuk melindungi dari serangan hacker. Penelitian ini, Mengimplementasikan VAPT (Vulnerability Assessment and Penetration Testing) menggunakan metode ZEH (Zero Entry Hacking)Penetration Testing Methodology untuk mengetahui kerentanan SMB (server Message block) dan RDP(remote desktop) pada server yang dapat dieksploitasi serta memberi penyerang hak akses terhadap server yang mampu memanipulasi data pada server.


Full Text:

PDF

References


S. Sparks, S. Embleton, R. Cunningham and C. Zou, “Automated vulnerability analysis: Leveraging control flow for evolutionary”,IEEE 23rd Annual Computer Security Applications Conference, Dec 10-14, 2007, Miami, Florida

A. Austin and L. Williams, “One technique is not enough: A comparison of vulnerability discovery techniques”, IEEE International Symposium on Empirical Software Engineering and Measurement, Sep 22-23, 2011, Guenther, Ruhe.

P. Xiong and Peyton, “A Model driven Penetration test framework for Web Applications”, IEEE 8th Annual International Conference on Privacy, Security & Trust, Aug 17-19, 2010,Ottawa, ON, Canada.

Kiezun, A., Guo, P. J., Jayaraman, K., & Ernst, M. D. (2009). Automatic creation of SQL injection and cross-site scripting attacks. Proceedings - International Conference on Software Engineering, 199–209. https://doi.org/10.1109/ICSE.2009.5070521

EC-Council, “CEH 8 Module 20 Penetration Testing.” 2012.

D. P. N. Andrew Whitaker, Penetration Testing and Network Defense, Indianapolis: Cisco Press, 2006

A. Austin and L. Williams, “One technique is not enough: A comparison of vulnerability discovery techniques”, IEEE International Symposium on Empirical Software Engineering and Measurement, Sep 22-23, 2011, Guenther, Ruhe.

Engebretson, P. 2011. The Basics of Hacking and Penetration Testing: Ethical hacking and Penetration Testing Made Easy.Waltham : Syngress


Refbacks

  • There are currently no refbacks.