<mets:mets OBJID="eprint_31911" LABEL="Eprints Item" xsi:schemaLocation="http://www.loc.gov/METS/ http://www.loc.gov/standards/mets/mets.xsd http://www.loc.gov/mods/v3 http://www.loc.gov/standards/mods/v3/mods-3-3.xsd" xmlns:mets="http://www.loc.gov/METS/" xmlns:mods="http://www.loc.gov/mods/v3" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><mets:metsHdr CREATEDATE="2026-07-05T22:22:13Z"><mets:agent ROLE="CUSTODIAN" TYPE="ORGANIZATION"><mets:name>EPrints Universitas Amikom Yogyakarta</mets:name></mets:agent></mets:metsHdr><mets:dmdSec ID="DMD_eprint_31911_mods"><mets:mdWrap MDTYPE="MODS"><mets:xmlData><mods:titleInfo><mods:title>IMPLEMENTASI PENILAIAN KERENTANAN DAN&#13;
PENGUJIAN PENETRASI BERBASIS PTES PLATFORM &#13;
EDUTECH SKILL UPKIDS UNTUK MENGIDENTIFIKASI&#13;
KERENTANAN KEAMANAN APLIKASI WEB</mods:title></mods:titleInfo><mods:name type="personal"><mods:namePart type="given">Rendy Aditiya Putra</mods:namePart><mods:namePart type="family">Kurniawan</mods:namePart><mods:role><mods:roleTerm type="text">author</mods:roleTerm></mods:role></mods:name><mods:abstract>Perkembangan platform teknologi pendidikan berbasis web di Indonesia&#13;
mengalami peningkatan signifikan seiring dengan transformasi digital di sektor&#13;
pendidikan. Namun, peningkatan ini juga diiringi dengan risiko keamanan siber,&#13;
khususnya pada platform yang mengelola data pribadi anak-anak sebagai&#13;
kelompok pengguna rentan. Platform Skill Upkids milik PT ANAK HEBAT&#13;
NUSANTARA merupakan salah satu aplikasi edutech yang menyimpan dan&#13;
memproses data sensitif pengguna. Ketiadaan audit keamanan sistem yang&#13;
terstandarisasi berpotensi menimbulkan kerentanan keamanan yang dapat&#13;
berdampak pada kebocoran data, pengambilalihan akun, serta gangguan terhadap&#13;
kerahasiaan dan integritas sistem.&#13;
Penelitian ini bertujuan untuk mengidentifikasi dan menganalisis&#13;
kerentanan keamanan pada aplikasi web Skill Upkids dengan menerapkan metode&#13;
Vulnerability Assessment dan Penetration Testing (VA/PT) berbasis Penetration&#13;
Testing Execution Standard (PTES). Metode penelitian dilakukan menggunakan&#13;
pendekatan Blackbox testing melalui tujuh tahapan PTES, yaitu pre-engagement&#13;
interactions, intelligence gathering, threat modelling, vulnerability analysis,&#13;
exploitation, post-exploitation, dan reporting. Proses pengujian didukung oleh&#13;
penggunaan alat bantu seperti OpenVAS, Burp Suite, Nmap, WHOIS, dan&#13;
Wappalyzer, serta pengujian manual untuk memvalidasi temuan teknis.&#13;
Hasil penelitian menunjukkan adanya 5 kerentanan kritis, yaitu session&#13;
hijacking akibat manajemen sesi yang lemah, mekanisme reset kata sandi tanpa&#13;
verifikasi identitas, ketiadaan token CSRF pada formulir input, cookie sesi tanpa&#13;
atribut keamanan, serta terbukanya port backend yang menggunakan protokol&#13;
HTTP tanpa enkripsi. Temuan ini menunjukkan bahwa sistem belum menerapkan&#13;
kontrol keamanan dasar secara optimal. Penelitian ini diharapkan dapat&#13;
dimanfaatkan oleh pengembang aplikasi edutech, tim keamanan siber, serta&#13;
institusi pendidikan sebagai acuan dalam meningkatkan keamanan aplikasi web&#13;
dan melindungi data pengguna anak-anak. Penelitian lanjutan disarankan untuk mencakup pengujian keamanan berkelanjutan dan evaluasi kebijakan keamanan&#13;
sistem.</mods:abstract><mods:classification authority="lcc">000 Ilmu komputer, informasi dan pekerjaan umum</mods:classification><mods:originInfo><mods:dateIssued encoding="iso8061">2026-01-22</mods:dateIssued></mods:originInfo><mods:originInfo><mods:publisher>Universitas AMIKOM Yogyakarta;Fakultas Ilmu Komputer</mods:publisher></mods:originInfo><mods:genre>Thesis</mods:genre></mets:xmlData></mets:mdWrap></mets:dmdSec><mets:amdSec ID="TMD_eprint_31911"><mets:rightsMD ID="rights_eprint_31911_mods"><mets:mdWrap MDTYPE="MODS"><mets:xmlData><mods:useAndReproduction>
<p xmlns="http://www.w3.org/1999/xhtml"><strong>For work being deposited by its own author:</strong> 
In self-archiving this collection of files and associated bibliographic 
metadata, I grant EPrints Universitas Amikom Yogyakarta the right to store 
them and to make them permanently available publicly for free on-line. 
I declare that this material is my own intellectual property and I 
understand that EPrints Universitas Amikom Yogyakarta does not assume any 
responsibility if there is any breach of copyright in distributing these 
files or metadata. (All authors are urged to prominently assert their 
copyright on the title page of their work.)</p>

<p xmlns="http://www.w3.org/1999/xhtml"><strong>For work being deposited by someone other than its 
author:</strong> I hereby declare that the collection of files and 
associated bibliographic metadata that I am archiving at 
EPrints Universitas Amikom Yogyakarta) is in the public domain. If this is 
not the case, I accept full responsibility for any breach of copyright 
that distributing these files or metadata may entail.</p>

<p xmlns="http://www.w3.org/1999/xhtml">Clicking on the deposit button indicates your agreement to these 
terms.</p>
    </mods:useAndReproduction></mets:xmlData></mets:mdWrap></mets:rightsMD></mets:amdSec><mets:fileSec><mets:fileGrp USE="reference"><mets:file ID="eprint_31911_320437_1" SIZE="945509" OWNERID="https://eprints.amikom.ac.id/id/eprint/31911/12/COVER.pdf" MIMETYPE="application/pdf"><mets:FLocat LOCTYPE="URL" xlink:type="simple" xlink:href="https://eprints.amikom.ac.id/id/eprint/31911/12/COVER.pdf"></mets:FLocat></mets:file></mets:fileGrp><mets:fileGrp USE="reference"><mets:file ID="eprint_31911_320415_1" SIZE="207232" OWNERID="https://eprints.amikom.ac.id/id/eprint/31911/2/BAB%20I.pdf" MIMETYPE="application/pdf"><mets:FLocat LOCTYPE="URL" xlink:type="simple" xlink:href="https://eprints.amikom.ac.id/id/eprint/31911/2/BAB%20I.pdf"></mets:FLocat></mets:file></mets:fileGrp><mets:fileGrp USE="reference"><mets:file ID="eprint_31911_320416_1" SIZE="961651" OWNERID="https://eprints.amikom.ac.id/id/eprint/31911/3/BAB%20II.pdf" MIMETYPE="application/pdf"><mets:FLocat LOCTYPE="URL" xlink:type="simple" xlink:href="https://eprints.amikom.ac.id/id/eprint/31911/3/BAB%20II.pdf"></mets:FLocat></mets:file></mets:fileGrp><mets:fileGrp USE="reference"><mets:file ID="eprint_31911_320419_1" SIZE="563141" OWNERID="https://eprints.amikom.ac.id/id/eprint/31911/6/BAB%20III.pdf" MIMETYPE="application/pdf"><mets:FLocat LOCTYPE="URL" xlink:type="simple" xlink:href="https://eprints.amikom.ac.id/id/eprint/31911/6/BAB%20III.pdf"></mets:FLocat></mets:file></mets:fileGrp><mets:fileGrp USE="reference"><mets:file ID="eprint_31911_320421_1" SIZE="1499746" OWNERID="https://eprints.amikom.ac.id/id/eprint/31911/7/BAB%20IV.pdf" MIMETYPE="application/pdf"><mets:FLocat LOCTYPE="URL" xlink:type="simple" xlink:href="https://eprints.amikom.ac.id/id/eprint/31911/7/BAB%20IV.pdf"></mets:FLocat></mets:file></mets:fileGrp><mets:fileGrp USE="reference"><mets:file ID="eprint_31911_320422_1" SIZE="186746" OWNERID="https://eprints.amikom.ac.id/id/eprint/31911/8/BAB%20V.pdf" MIMETYPE="application/pdf"><mets:FLocat LOCTYPE="URL" xlink:type="simple" xlink:href="https://eprints.amikom.ac.id/id/eprint/31911/8/BAB%20V.pdf"></mets:FLocat></mets:file></mets:fileGrp><mets:fileGrp USE="reference"><mets:file ID="eprint_31911_320429_1" SIZE="128535" OWNERID="https://eprints.amikom.ac.id/id/eprint/31911/11/Daftar%20Pustaka%20dan%20Lampiran.pdf" MIMETYPE="application/pdf"><mets:FLocat LOCTYPE="URL" xlink:type="simple" xlink:href="https://eprints.amikom.ac.id/id/eprint/31911/11/Daftar%20Pustaka%20dan%20Lampiran.pdf"></mets:FLocat></mets:file></mets:fileGrp><mets:fileGrp USE="reference"><mets:file ID="eprint_31911_320426_1" SIZE="865420" OWNERID="https://eprints.amikom.ac.id/id/eprint/31911/10/Publikasi.pdf" MIMETYPE="application/pdf"><mets:FLocat LOCTYPE="URL" xlink:type="simple" xlink:href="https://eprints.amikom.ac.id/id/eprint/31911/10/Publikasi.pdf"></mets:FLocat></mets:file></mets:fileGrp></mets:fileSec><mets:structMap><mets:div DMDID="DMD_eprint_31911_mods" ADMID="TMD_eprint_31911"><mets:fptr FILEID="eprint_31911_document_320437_1"></mets:fptr><mets:fptr FILEID="eprint_31911_document_320415_1"></mets:fptr><mets:fptr FILEID="eprint_31911_document_320416_1"></mets:fptr><mets:fptr FILEID="eprint_31911_document_320419_1"></mets:fptr><mets:fptr FILEID="eprint_31911_document_320421_1"></mets:fptr><mets:fptr FILEID="eprint_31911_document_320422_1"></mets:fptr><mets:fptr FILEID="eprint_31911_document_320429_1"></mets:fptr><mets:fptr FILEID="eprint_31911_document_320426_1"></mets:fptr></mets:div></mets:structMap></mets:mets>