The Jogja Smart Province (JSP) is a framework for using IT to encourage regional cooperation to assist in resolving specific strategic challenges or difficulties. Additionally, JSP supports the growth of potential in Yogyakarta’s Special Region. Several digital apps, including mobile and web-based ones, support JSP. These applications are crucial to actualizing the five JSP aspects of smart living, culture, society, environment, and governance. However, several significant issues, such as cyberattacks on JSP applications, pose a danger to the long-term viability of JSP. To do penetration testing of JSP-owned applications, the Department of Electrical Engineering and Informatics at the Vocational College of Universitas Gadjah Mada is conducting this community participation initiative. The Communication and Informatics Office of the Special Region of Yogyakarta permitted to handle JSP apps, is a partner in this community involvement initiative. Applications including Jogja Istimewa, Visiting Jogja, e-Prima, BiroHukum, Paperless, Jogjaplan, LPSE, Peladen, Sadewa, Jogjaprov, and Simpeg2 are among those targeted for penetration testing. The potential flaws detected in JSP applications can be found by performing penetration testing on these apps. In addition, several recommendations are made to strengthen JSP applications’ resistance to future cyberattacks. Therefore, this activity can improve the security of the users’ data and directly impact the community.

3S Labs. (2022). Web application penetration testing. https://www.3slabs.com/web-application-penetration-testing.php

Bastian, A., Sujadi, H., & Abror, L. (2020). Analisis keamanan aplikasi data pokok pendidikan (DAPODIK) menggunakan penetration testing dan SQL injection. INFOTECH journal, 65-70.

Diskominfo DIY. (2022). Jogja istimewa apps. https://diskominfo.jogjaprov.go.id/layanan/lihat/jogja-istimewa-apps

Diskominfo DIY. (2022). Jogja smart province - development plans. https://jsp.jogjaprov.go.id/p/6-development-plans

Hanafi, T. A., Iswahyudi C., & Rachmawati, R. Y. (2019). Aplikasi pendeteksi celah keamanan aplikasi web dengan penetration testing menggunakan metode input validation. Jurnal SCRIPT, 132-141.

Henry, K. M. (2012). Penetration testing: Protecting networks and systems. IT Governance Ltd.

Lee, H., Kwon, E., Yoo, K., & Chai, S. (2016). An impact of information security investment on information security incidents: A case of Korean organizations. ACM International Conference Proceeding Series,1-4.

Lopes, N. V. (2017). Smart governance: A key factor for smart cities implementation. International Conference on Smart Grid and Smart Cities, 277-282.

OWASP. (2022). About the OWASP foundation. https://owasp.org/about/

Pohan, Y. A., Yunus, Y., & Sumijan. (2021). Meningkatkan keamanan webserver aplikasi pelaporan pajak daerah menggunakan metode penetration testing execution standar. Jurnal Sistim Informasi dan Teknologi, 1-6.

Tarigan, B. V., Kusyanti, A., & Yahya, W. (2017). Analisis perbandingan penetration testing tool untuk aplikasi web. Jurnal Pengembangan Teknologi Informasi dan Ilmu Komputer, 206-214.

Wicaksono, B., Kusumaningsih, R. Y., & Iswahyudi, C. (2020). Pengujian celah keamanan aplikasi berbasis web menggunakan teknik penetration pesting dan DAST (Dynamic Application Security Testing). Jurnal Jarkom, 1-9.