Penetration Tool Berbasis Sistem Terdistribusi untuk Analisa Vulnerability Pada Web Application
•Download as PPTX, PDF•
1 like•643 views
Aryya Dwisatya Widigdha - "Penetration Tool Berbasis Sistem Terdistribusi untuk Analisa Vulnerability Pada Web Application"
![ME
{
“name” : “Aryya Dwisatya Widigdha”,
“occupation” : [ “Student @ Teknik Informatika ITB”,
“Research Assistant @ Telkom Innovation & Development Center”,
“Network Administrator @ Teknik Informatika, Teknik Kelautan, & Teknik
Lingkungan ITB”],
“contact”: [{“email”:”13512043@std.stei.itb.ac.id”}, {“phone”:”085721169983”}],
“book”: [“7 Hari Menjadi Jawara di Internet (2012)”,”Carding for Beginner (2013)”],
“blog”: “www.bangsatya.com”
}
9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
Recommended
Recommended
More Related Content
Viewers also liked
Viewers also liked (20)
Similar to Penetration Tool Berbasis Sistem Terdistribusi untuk Analisa Vulnerability Pada Web Application
Similar to Penetration Tool Berbasis Sistem Terdistribusi untuk Analisa Vulnerability Pada Web Application (20)
More from idsecconf
More from idsecconf (20)
Recently uploaded
Recently uploaded (20)
Penetration Tool Berbasis Sistem Terdistribusi untuk Analisa Vulnerability Pada Web Application
- 1. Penetration Tool Berbasis Sistem Terdistribusi untuk Analis Vulnerability Pada Web Application Aryya Dwisatya Widigdha 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com | IDSECCONF2015
- 2. ME { “name” : “Aryya Dwisatya Widigdha”, “occupation” : [ “Student @ Teknik Informatika ITB”, “Research Assistant @ Telkom Innovation & Development Center”, “Network Administrator @ Teknik Informatika, Teknik Kelautan, & Teknik Lingkungan ITB”], “contact”: [{“email”:”13512043@std.stei.itb.ac.id”}, {“phone”:”085721169983”}], “book”: [“7 Hari Menjadi Jawara di Internet (2012)”,”Carding for Beginner (2013)”], “blog”: “www.bangsatya.com” } 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 3. AGENDA Introduction Theories Problem & Solution Testing 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 4. INTRO
- 5. .id Domain Statistic 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 6. Incidents 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 7. So…? Many websites are lack of security 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 8. Then, How to solve these problems? PREVENTIVE Secure programming Secure deployment environment 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com CURATIVE Penetration testing Patching
- 9. Penetration Testing : What? “Upaya untuk mendapatkan akses ke resource tanpa memiliki pengetahuan terhadap username, password, atau akses legal pada umumnya.” 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 10. Penetration Testing : Why? Memverifikasi konfigurasi dari suatu sistem Melakukan training Uji coba teknologi baru Menemukan celah keamanan sebelum terlambat 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 11. Penetration Testing : How? Manually Using self-knowledge about the system such as information gathering, auth testing, session management testing, etc Automatically Using existed tool such as Acunetix, Nicto, Nesus, etc 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 12. Penetration Testing Tools 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 13. Penetration Testing on Web Application Information Gathering Configuration Management Testing Authentication Testing Session Management Testing Authorization Testing Business Logic Testing Data Validation Testing Denial of Service Testing Web Service Testing Ajax Testing 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 14. Facts Dependent to client resources such as hardware, internet, etc 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com Unscalable Good for small problem Implications Solution Distributed System
- 15. Mengapa Harus Sistem Terdistribusi? Scalable Availability Remote access 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 16. Sistem Terdistribusi : Karakteristik Karakteristik Scalability Availability Transparent Openness 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 17. Sistem Terdistribusi : Model Jaringan 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com Hybrid Network Model
- 18. RANCANGAN SOLUSI 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 19. Arsitektur Jaringan 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com KOMPONEN JARINGAN Server Tracker (Coordinator) Database End user
- 20. Database Server 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 21. Database Tracker 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 22. Protokol Komunikasi Message based via socket Json based format 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 23. IMPLEMENTASI & TESTING Authentication Testing : Brute Force Testing (OWASP-AT-004) Data Validation Testing: SQL Injection testing (OWASP-DV-005) 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 24. Port Scanning 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 25. Hasil Port Scanning 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com
- 26. MySQL Bruteforce 9/10/201513512043@std.stei.itb.ac.id | www.bangsatya.com