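% Bibliographic record for an undergraduate/graduate thesis (level not stated
% in this record) on penetration testing of a GIS web application.
%
% Metadata notes (review):
%   - The thesis entry type (biblatex) expects `institution` and `type`;
%     neither is present in this record -- TODO add from the repository page.
%   - The citation key `thesis` is generic and will collide in a shared .bib
%     file; it is kept unchanged so existing citations still resolve.
%   - The author is stored as one unbroken string, so BibTeX will treat the
%     last word as the surname -- TODO confirm and switch to "Last, First".
%   - Only a URL is given; add `urldate` when the access date is known.
%
% Security notes on the remediations summarised in the abstract (review):
%   - X-Frame-Options: SAMEORIGIN restricts framing of the page by other
%     origins (a clickjacking control). The abstract lists it under Sensitive
%     Data Exposure; it does not by itself protect data in transit or at
%     rest, so check the full text for what was actually exposed.
%   - mysqli_real_escape_string() only protects values placed inside quoted
%     SQL string literals and depends on the connection character set. For a
%     numeric Id parameter, and in general, parameterised queries (prepared
%     statements) are the more robust fix.
%   - Converting script input "into characters" is read here as output
%     encoding; it must match the output context (HTML body, attribute,
%     JavaScript) to be effective.
%   - A session check only addresses Broken Access Control if it is enforced
%     server-side on every protected request, including per-object
%     authorisation.
@thesis{thesis,
  author   = {Tantri Ricki Alvin},
  title    = {Pengujian Celah Keamanan pada Website Sistem Informasi Geografis
              dengan Metode {Penetration Testing}
              (Studi Kasus : {PT. Citra Satria Utama})},
  year     = {2022},
  url      = {http://eprints.ukmc.ac.id/8487/},
  abstract = {With the need for information that is applied to a website, it
              requires easy access to information. However, information that
              is important requires good security so that not just anyone can
              access it. Attack techniques such as XSS, Directory Traversal
              Attack, Parameter Manipulation, and so on are real examples that
              there are many kinds of attacks if a website does not have good
              security. Therefore, for developers, it is necessary to search
              for security holes with the penetration process and find an
              evaluation so that the website cannot be manipulated by
              attackers. The penetration process is carried out on the
              sig-cdgroup.tech website as a test tool in finding existing
              security holes. So in this study, we will use the Penetration
              Testing method in testing security vulnerabilities, especially
              in XSS, Broken Access Control, Sensitive Data Exposure, and SQL
              Injection security vulnerabilities. The results and solutions of
              this research are that, after the penetration technique, the
              sig-cdgroup.tech website has an XSS gap that can be overcome by
              changing the JavaScript script that is inputted into characters,
              Broken Access Control can be overcome by adding a Session
              function, Sensitive Data Exposure can be overcome by setting the
              X-Frame-Options header with SAMEORIGIN and SQL Injection can be
              solved by adding the mysqli_real_escape_string() function to the
              login form query and to the Get Parameter Id.},
}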