Anticipate Password Security with Burp Suite Using the Brute Force Attack Method
##plugins.themes.academic_pro.article.main##
Abstract
Website is one of the information and communication media that requires internet to run. Password generation is still less aware of user security. This provokes cyber criminals to carry out attacks to retrieve user login passwords. One possible attack is a brute force attack by experimenting with all possible passwords. This research aims to discuss brute force attack techniques and how to prevent them so that users can be more careful in creating passwords and be more aware of the security of their passwords. This research shows that the brute force method can work perfectly if there is no Captcha on the web login, limiting logins that do not block accounts for a long time, and not using Two Factor Authentication.
##plugins.themes.academic_pro.article.details##
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
References
[2] M. Fikry and M. Iskandarsyah, “Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA) Menggunakan Pendekatan Drag and Drop,” J. Sains, Teknol. dan Ind., vol. 2, no. 1, pp. 64–70, 2016.
[3] I. Gunawan, “Penggunaan Brute Force Attack Dalam Penerapannya Pada Crypt8 Dan Csa-Rainbow Tool Untuk Mencari Biss,” InfoTekJar (Jurnal Nas. Inform. dan Teknol. Jaringan), vol. 1, no. 1, pp. 52–55, 2016.
[4] M. R. Sampurna, “Implementasi Hydra, FFUF Dan WFUZZ Dalam Brute Force DVWA: Implementasi Hydra, FFUF Dan WFUZZ Dalam Brute Force DVWA,” J. Netw. Comput. Appl. …, vol. 1, no. 2, pp. 25–33, 2022.
[5] K. Daya et al., “Pengamanan File Gambar Menggunakan,” TECHSI - J. Tek. Inform., vol. 10, no. 1, pp. 155–162, 2018.
[6] M. Affandi and S. Setyowibowo, “Implementasi Snort sebagai alat pendeteksi intrusi menggunakan Linux,” Teknol. Inf. Teor. Konsep, dan Implementasi J. Ilm., vol. 4, no. 2, pp. 98–112, 2013.
[7] Digininja, “GitHub - digininja/DVWA: Damn Vulnerable Web Application (DVWA).” https://github.com/digininja/DVWA (accessed Apr. 28, 2023).
[8] A. Hidayat and I. P. Saputra, “Analisa Dan Problem Solving Keamanan Router Mikrotik Rb750Ra Dan Rb750Gr3 Dengan Metode Penetration Testing (Studi Kasus: Warnet Aulia.Net, Tanjung Harapan Lampung Timur),” J. Resist. (Rekayasa Sist. Komputer), vol. 1, no. 2, pp. 118–124, 2018.
[9] A. Subari, S. Manan, E. Ariyanto, and A. Fauzi, “Pemanfaatan Metode Wavs (Web Application Security Scanners) Menggunakan Burp Suite Tools Dalam Audit Teknis Keamanan Sistem Informasi Surat Tugas Sekolah Vokasi Undip,” Gema Teknol., vol. 21, no. 4, pp. 125–130, 2022.
[10] E. Listartha, G. Arna, J. Saskara, D. Gede, and S. Santyadiputra, “Vulnerability Testing and Security Penetration on Prodi XYZ Thesis Management Web Applications,” Sci. Comput. Sci. Informatics J., vol. 4, no. 2, pp. 1–14, 2021.