Penetration Testing on Web Application Using Insecure Direct Object References (IDOR) Method

I. Pratama, Alvin Maulana Rhusuli
Published in: 2022 International Conference on ICT for Smart Society (ICISS), 2022-08-10. DOI: 10.1109/ICISS55894.2022.9915074 (https://doi.org/10.1109/ICISS55894.2022.9915074)
Citation count: 0

Abstract

Network security is a crucial concern as the amount of data exchanged over the internet increases. Every company or organization is required to always maintain the confidentiality, integrity, and authentication of data in a web application according to international security standards. This is partly due to the community's increasing dependence on web applications, so the overall security of the system must always be measured and improved. This paper examines the weaknesses and vulnerabilities of a web application through penetration testing using the Insecure Direct Object References (IDOR) method, with a case study using one URL contained in the application. The test results show that the tested URLs are vulnerable to Insecure Direct Object References (IDOR).