Analysis and Penetration Testing Eprocurement Application with SQL Injection
Journal: International Research Journal of Advanced Engineering and Science (Vol.4, No. 3)Publication Date: 2019-15-07
Authors : Muhammad Rizal Efendi Novrina;
Page : 366-368
Keywords : Eprocurement Application; SQL Injection; Blackbox Testing;
Abstract
— Eprocurement is a web-based application that is used for processing goods and services in one of social security company. Security in applications is certainly the main thing because organizational data must be kept confidential. On the other hand, this application can be accessed via internet. ISO 27001 A12.6 Control Objective (Technical Vulnerability Management) states that "information about the technical vulnerability of the information system used must be obtained in a timely manner, the organization's exposure to the vulnerability is evaluated and appropriate actions taken to address the associated risks". One attempt to evaluate the security of a system is by doing penetration testing. Penetration testing helps identify vulnerability gaps and provides details about vulnerabilities or threats that exist on the system, and provides guidance on how to overcome them. Therefore in this study an analysis and penetration testing of the eprocurement application for SQL Injection was carried out using the blackbox method. From the test results will get eprocurement application vulnerabilities along with recommendations for handling sql injection.
Other Latest Articles
- The Satisfaction of Marriage to Men Who Have Been Divorced
- Optimization Nitrogen Fertilizer Application for a New Mutant Rice Variety var. Sin Shwe Se by Using Isotopic 15N Tracer
- Reduction of Silicon Die Tilting Rejection through Indirect Material Enhancement
- Analyzing Failure in a Micromodule Package using Stress Modeling Approach
- Analysis of Penetration Testing Knowledge Web Application Base FAQ XYZ Company Using the Open Web Application Security Project (OWASP)
Last modified: 2020-06-12 20:38:48