Exploring the Depths: An Overview of Penetration Testing

  • Muhammad Yusuf Universitas Singaperbangsa Karawang, Indonesia
  • Aries Suharso Universitas Singaperbangsa Karawang, Indonesia
Keywords: Web server security, Penetration testing, PRISMA method

Abstract

Securing a web server against data leaks is a critical factor to address before creating one. Penetration testing is an attempt to exploit a computer system to find data stored within it. This review aims to provide an overview of penetration testing, highlighting its implementation scenarios, models, methodologies, and tools from various existing studies. The results of this review are expected to serve as a reference for understanding the aspects and solutions of penetration testing. The review was conducted by collecting 1,023 articles, which were evaluated using the PRISMA method and narrowed down to 12 articles. These 12 articles were then classified by the tools, models, and methodologies used in penetration testing. This classification aims to provide deeper insights into the best practices for penetration testing and to identify the most effective tools and techniques for securing web servers against threats and data breaches.

Published
2024-07-02
How to Cite
Yusuf, M., & Suharso, A. (2024). Exploring the Depths: An Overview of Penetration Testing. JURNAL LENTERA : Kajian Keagamaan, Keilmuan Dan Teknologi, 23(2), 180-185. Retrieved from https://ejournal.staimnglawak.ac.id/index.php/lentera/article/view/1477