RANCANG BANGUN APLIKASI HTTP OBSERVATORY DAN WEB VULNERABILITY SCANNER UNTUK ANALISIS KEAMANAN WEBSITE

Imaddudin, Zakki (2025) RANCANG BANGUN APLIKASI HTTP OBSERVATORY DAN WEB VULNERABILITY SCANNER UNTUK ANALISIS KEAMANAN WEBSITE. S1 thesis, Universitas Mercu Buana-Menteng.

	Text (Cover) 41521110004-ZAKKI IMADDUDIN-01 Cover - ZAKKI IMADDUDIN.pdf Download (1MB)
	Text (BAB I) 41521110004-ZAKKI IMADDUDIN-02 Bab 1 - ZAKKI IMADDUDIN.pdf Restricted to Registered users only Download (122kB)
	Text (BAB II) 41521110004-ZAKKI IMADDUDIN-03 Bab 2 - ZAKKI IMADDUDIN.pdf Restricted to Registered users only Download (86kB)
	Text (BAB III) 41521110004-ZAKKI IMADDUDIN-04 Bab 3 - ZAKKI IMADDUDIN.pdf Restricted to Registered users only Download (460kB)
	Text (BAB IV) 41521110004-ZAKKI IMADDUDIN-05 Bab 4 - ZAKKI IMADDUDIN.pdf Restricted to Registered users only Download (759kB)
	Text (BAB V) 41521110004-ZAKKI IMADDUDIN-06 Bab 5 - ZAKKI IMADDUDIN.pdf Restricted to Registered users only Download (38kB)
	Text (Daftar Pustaka) 41521110004-ZAKKI IMADDUDIN-08 Daftar Pustaka - ZAKKI IMADDUDIN.pdf Restricted to Registered users only Download (38kB)
	Text 41521110004-ZAKKI IMADDUDIN-09 Lampiran - ZAKKI IMADDUDIN.pdf Download (535kB)

Abstract

Keamanan website merupakan isu kritis dalam era digital saat ini, terutama di Indonesia yang mengalami 189 kasus web defacement pada tahun 2023 berdasarkan data Badan Siber dan Sandi Negara (BSSN). Sebanyak 93,1% serangan tersebut menyasar halaman tersembunyi (hidden pages), dengan sektor pemerintahan menjadi target utama yang mencatat 167 kasus, diikuti sektor kesehatan dan pertahanan. Untuk mengatasi permasalahan ini, penelitian ini bertujuan merancang dan membangun aplikasi berbasis web yang mengintegrasikan dua modul utama untuk melakukan analisis keamanan website secara komprehensif. Aplikasi dikembangkan menggunakan arsitektur modern dengan Python Flask sebagai backend, MongoDB sebagai basis data, dan React.js untuk antarmuka pengguna. Sistem terdiri dari dua modul utama: HTTP Observatory yang mengevaluasi konfigurasi server, header keamanan, dan implementasi SSL/TLS; serta Web Vulnerability Scanner yang mendeteksi kerentanan seperti SQL Injection, XSS, CSRF, dan berbagai jenis Code Injection. Keunggulan sistem ini terletak pada penerapan klasifikasi berbasis aturan (rule based classification) untuk mengklasifikasikan tingkat risiko kerentanan menjadi tiga kategori: tinggi, sedang, dan rendah. Hasil analisis disajikan melalui dashboard interaktif yang menampilkan visualisasi data, tren kerentanan, dan rekomendasi perbaikan yang dapat ditindaklanjuti langsung oleh pengelola website. Sistem ini menyediakan otomatisasi analisis keamanan yang sistematis, terukur, dan mudah digunakan, sehingga diharapkan dapat memberikan kontribusi nyata terhadap peningkatan keamanan web nasional dengan membantu organisasi mengidentifikasi dan mengatasi kerentanan keamanan secara proaktif. Website security is a critical issue in today's digital era, particularly in Indonesia which experienced 189 cases of web defacement in 2023 according to data from the National Cyber and Encryption Agency (BSSN). As many as 93.1% of these attacks targeted hidden pages, with the government sector being the primary target recording 167 cases, followed by health and defense sectors. To address this problem, this research aims to design and develop a web-based application that integrates two main modules to conduct comprehensive website security analysis. The application is developed using modern architecture with Python Flask as the backend, MongoDB as the database, and React.js for the user interface. The system consists of two main modules: HTTP Observatory that evaluates server configuration, security headers, and SSL/TLS implementation; and Web Vulnerability Scanner that detects vulnerabilities such as SQL Injection, XSS, CSRF, and various types of Code Injection. The advantage of this system lies in the implementation of rules based classification methods to classify vulnerability risk levels into three categories: high, medium, and low. The analysis results are presented through an interactive dashboard that displays data visualization, vulnerability trends, and remediation recommendations that can be directly acted upon by website administrators. This system provides systematic, measurable, and user-friendly security analysis automation, which is expected to make a real contribution to improving national web security by helping organizations identify and address security vulnerabilities proactively.

Item Type:	Thesis (S1)
NIM/NIDN Creators:	41521110004
Uncontrolled Keywords:	Keamanan Website, Analisis Kerentanan, HTTP Observatory, Rule Based Classification, Web Defacement, Dashboard Interaktif. Web Security, Vulnerability Analysis, HTTP Observatory, Rule Based Classification, Web Defacement, Interactive Dashboard.
Subjects:	000 Computer Science, Information and General Works/Ilmu Komputer, Informasi, dan Karya Umum > 000. Computer Science, Information and General Works/Ilmu Komputer, Informasi, dan Karya Umum > 005 Computer Programmming, Programs, Data/Pemprograman Komputer, Program, Data > 005.7 Data in Computer Systems/Data dalam Sistem-sistem Komputer 000 Computer Science, Information and General Works/Ilmu Komputer, Informasi, dan Karya Umum > 000. Computer Science, Information and General Works/Ilmu Komputer, Informasi, dan Karya Umum > 005 Computer Programmming, Programs, Data/Pemprograman Komputer, Program, Data > 005.7 Data in Computer Systems/Data dalam Sistem-sistem Komputer > 005.74 Data Files and Database/Data File-file dan Database, Pangkalan Data, Pusat Data
Divisions:	Fakultas Ilmu Komputer > Informatika
Depositing User:	ZAIRA ELVISIA
Date Deposited:	06 Aug 2025 02:31
Last Modified:	06 Aug 2025 02:31
URI:	http://repository.mercubuana.ac.id/id/eprint/96588

Actions (login required)

View Item