RANCANG BANGUN TOOLS ENUMERATION CIPHERION DALAM ANALISIS KEAMANAN WEBSITE NINJA SHL DENGAN TEKNIK PENETRATION TESTING

    God Friend Hutalung, - and Galura Muhammad Suranegara, - and Ahmad Fauzi, - (2025) RANCANG BANGUN TOOLS ENUMERATION CIPHERION DALAM ANALISIS KEAMANAN WEBSITE NINJA SHL DENGAN TEKNIK PENETRATION TESTING. S1 thesis, Universitas Pendidikan Indonesia.

    Abstract

    Keamanan informasi merupakan salah satu aspek yang sangat krusial dalam dunia digital yang semakin berkembang pesat. Seiring meningkatnya ketergantungan pada teknologi informasi, ancaman terhadap sistem dan data menjadi semakin kompleks dan beragam. Dalam konteks keamanan web, proses enumerasi sebagai bagian dari penetration testing berperan penting dalam mengidentifikasi subdomain, direktori tersembunyi, layanan berjalan, dan konfigurasi sistem yang dapat diakses publik, yang kemudian dapat menjadi celah potensial bagi serangan siber. Namun, metode manual dalam enumerasi kerap tidak efisien dan rentan terhadap kesalahan, sehingga diperlukan pendekatan otomatis yang lebih akurat dan cepat. Penelitian ini bertujuan untuk mengembangkan sebuah alat enumerasi otomatis bernama Cipherion, yang hanya berfokus pada aspek information gathering dan tidak melibatkan eksploitasi aktif terhadap sistem target. Cipherion dikembangkan menggunakan bahasa pemrograman Python dan diuji pada sistem operasi Linux dan Windows, dengan fitur identifikasi aset yang relevan seperti subdomain, direktori tersembunyi, layanan terbuka, dan konfigurasi publik berbasis protokol umum seperti HTTP, HTTPS, dan FTP. Pengujian dilakukan secara terkontrol pada website Ninja Shl sebagai simulasi target, tanpa melibatkan sistem produksi guna menjaga etika dan keamanan. ----- Information security is a critical aspect in today’s rapidly evolving digital landscape. As dependence on information technology increases, threats to systems and data have become more complex and diverse. In the context of web security, enumeration plays a pivotal role in penetration testing by identifying subdomains, hidden directories, active services, and publicly accessible system configurations, all of which may serve as potential entry points for cyberattacks. However, manual enumeration methods tend to be inefficient and prone to human error, necessitating an automated approach that enhances both accuracy and speed. This research aims to develop an automated enumeration tool called Cipherion, designed specifically for the information gathering phase without engaging in active exploitation of the target system. Cipherion is developed using Python and tested on both Linux and Windows operating systems, featuring capabilities to identify assets such as subdomains, hidden directories, open services, and publicly accessible configurations using standard web protocols like HTTP, HTTPS, and FTP. The testing process is conducted in a controlled environment targeting the Ninja Shl website, ensuring ethical and secure analysis without involving live production systems.

    Baca Full Text klik disini
    [thumbnail of S_SISTEL_2103445_Title.pdf] Text
    S_SISTEL_2103445_Title.pdf
    Download (439kB)
    [thumbnail of S_SISTEL_2103445_Chapter1.pdf] Text
    S_SISTEL_2103445_Chapter1.pdf
    Download (264kB)
    [thumbnail of S_SISTEL_2103445_Chapter2.pdf] Text
    S_SISTEL_2103445_Chapter2.pdf
    Restricted to Staf Perpustakaan
    Download (309kB)
    [thumbnail of S_SISTEL_2103445_Chapter3.pdf] Text
    S_SISTEL_2103445_Chapter3.pdf
    Download (424kB)
    [thumbnail of S_SISTEL_2103445_Chapter4.pdf] Text
    S_SISTEL_2103445_Chapter4.pdf
    Restricted to Staf Perpustakaan
    Download (4MB)
    [thumbnail of S_SISTEL_2103445_Chapter5.pdf] Text
    S_SISTEL_2103445_Chapter5.pdf
    Download (232kB)
    [thumbnail of S_SISTEL_2103445_Appendix.pdf] Text
    S_SISTEL_2103445_Appendix.pdf
    Restricted to Staf Perpustakaan
    Download (1MB)
    Official URL: https://repository.upi.edu/
    Item Type: Thesis (S1)
    Additional Information: https://scholar.google.com/citations?view_op=list_works&hl=id&authuser=4&user=KC1fMNIAAAAJ ID SINTA PEMBIMBING: Galura Muhammad Suranegara: 6703764 Ahmad Fauzi: 6122861
    Uncontrolled Keywords: Penetration Testing, Enumeration, Automated Tool, Keamanan Informasi, Cipherion. Penetration Testing, Enumeration, Automated Tool, Information Security, Cipherion.
    Subjects: T Technology > T Technology (General)
    Divisions: UPI Kampus Purwakarta > S1 Sistem Telekomunikasi
    Depositing User: God Friend Hutagalung
    Date Deposited: 12 Sep 2025 08:00
    Last Modified: 12 Sep 2025 08:00
    URI: http://repository.upi.edu/id/eprint/138148

    Actions (login required)

    View Item View Item