Vulnerability analysis of SMAN 1 Banjar Agung Website using OWASP ZAP

Website security is an important aspect of designing a website and managing web systems. However, many developers still pay little attention to security aspects from the early stages of development. In fact, the website that has been built will be the target of attacks by hackers at any time. Therefore, this research aims to analyze the vulnerability of the SMAN 1 Banjar Agung website based on the OWASP Top 10 standard. The research method was conducted through vulnerability assessment using OWASP ZAP tools with the stages of spidering, passive scanning, and active scanning. This test allows identification of vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and security configuration weaknesses. The scan results showed eight vulnerabilities, consisting of two medium, three low, and three informational vulnerabilities. Although the risk level is low, the website still requires mitigation through the application of security headers, dependency updates, and removal of sensitive information to make the system more secure and stable.