Analisis Keamanan Website SMP Negeri 2 Bagan Sinembah dengan Framework ISSAF

The increasing number of cyberattacks that exploit system vulnerabilities has become a significant concern. The website of SMP Negeri 2 Bagan Sinembah serves a dual purpose, functioning both as the school’s information platform and as an online registration service. This makes system security an essential factor to ensure uninterrupted service and to protect user data. This study adopts the Information Systems Security Assessment Framework (ISSAF), developed by the Open Information Systems Security Group (OISSG), as the reference methodology for conducting security testing. The assessment stage was carried out using several security tools, including Nikto for scanning web server vulnerabilities, Nmap for network and service mapping, Sqlmap for testing SQL injection vulnerabilities, and SlowHTTPTest for evaluating potential Denial of Service (DoS) attacks. The testing results revealed several weaknesses, such as outdated server software, suboptimal security configurations, and potential susceptibility to DoS attacks. Based on these findings, this research recommends implementing software updates and improving security configurations.