Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) (Jun 2023)
Remote Penetration Testing with Telegram Bot
Abstract
The widespread of websites and web applications makes them the main target of cyber attacks. One way to increase security is to perform a penetration test. This test is carried out using the attacker's point of view to find out vulnerabilities on a website or web application and then exploit these vulnerabilities. The results of the penetration test can be used as recommendations to close the gaps that have been known through testing. Because penetration testing requires special resources such as tools and operating systems, a solution is needed to make penetration testing possible with low resources. Telegram bots that are open source offer a solution to overcome these problems. Using the SDLC waterfall approach, this bot was built to provide penetration testing services by connecting the Kali Linux server as a tools provider and the Telegram bot as an interface to users. As a result, users can access penetration testing tools anywhere and anytime via the Telegram bot. To ensure that the bot can run well, testing is carried out through black box testing and load testing. Telegram bot is a solution for integrated compact automatic mobile penetration tester with low resources. Based on load testing, the maximum limit of users who can access Telegram bots simultaneously is 35 users with the highest load average of 5.4. Based on the results of the User Acceptance Test, the Telegram bot has an acceptance rate score of 88,457 % and a questionnaire score of 774 which is an agreed area.
Keywords
