Article Info
Simulation Vulnerabilities Web Application using Top 10 OWASP Approach
Angga Pramudia, Martin Suhartana, Rosilah Hassan
dx.doi.org/10.17576/apjitm-2025-1402-16
Abstract
The increasing use of web-based applications has also heightened security risks that must be addressed. According to data from Id-SIRTII/CC and BSSN, 976,429,996 anomalous traffic events were detected in 2022, and 403,990,813 in 2023, highlighting the high level of cybersecurity threats in Indonesia. The lack of security updates for many websites makes them highly vulnerable to cyberattacks such as web defacement, a cyberattack that targets vulnerable websites or web servers by exploiting system flaws to alter, damage, or delete web page content. This study aims to analyze vulnerabilities in web applications and formulate mitigation strategies based on OWASP Top 10 standards. Testing was conducted in a simulated environment using both manual and automated methods with tools such as Kali Linux, Burp Suite, and ZAP to identify and exploit vulnerabilities. From 48 Use Cases and 100 Test Cases, 100 vulnerabilities were identified and successfully mitigated using appropriate strategies, achieving a 100% mitigation rate by implementing proper access control, input validation, and the use of parameterized queries or prepared statements, to improve web application security against similar threats in the future. The findings of this research are expected to assist developers and organizations in implementing effective mitigation strategies to address vulnerabilities in the web applications they manage and develop.
Keywords
web application vulnerabilities, OWASP Top 10, vulnerability analysis, mitigation strategies, cybersecurity

