Cross-Site Request Forgery: Vulnerabilities and Defenses

2014, Vol 3 (2), pp. 13-21
Author(s): Bharti Nagpal, Naresh Chauhan, Nanhay Singh
Author(s): Nenad Jovanovic, Engin Kirda, Christopher Kruegel

Author(s): Omar A. Batarfi, Aisha M. Alshiky, Alaa A. Almarzuki, Nora A. Farraj

Author(s): Sahren Sahren, Ruri Ashari Dalimuthe, Muhammad Amin

Security is the effort made to protect the information a system contains, with reference to confidentiality. Centralized information systems are prone to various types of attacks such as DoS, SQL injection, cross-site scripting (XSS), clickjacking, cross-site request forgery (CSRF) and so on. This becomes a problem for the information service owner and manager. The method used in this study is penetration testing to audit the security of the campus information system web server. This activity aims to identify and exploit vulnerabilities in the web server. Several tools are used in this study, including WHOIS, NMAP and Acunetix Web Vulnerability Scanner. The tests look for vulnerabilities on the web server, and the vulnerability levels detected in this test will be, inter alia, high risk, medium risk and low risk. The aim is to find the weaknesses in the web server so that in the future it can avoid DoS attacks, cross-site request forgery (CSRF), cross-site scripting (XSS) and clickjacking. The results of this test are expected to serve as input for the management of campus information systems so that existing weaknesses can be remedied in the future.

