Remote Penetration Testing with Telegram Bot

  • Naufal Hafiz Politeknik Siber dan Sandi Negara
  • Obrina Candra Briliyant Politeknik Siber dan Sandi Negara
  • Dimas Febriyan Priambodo Politeknik Siber dan Sandi Negara
  • Muhammad Hasbi STMIK Sinar Nusantara
  • Sri Siswanti STMIK Sinar Nusantara
DOI: https://doi.org/10.29207/resti.v7i3.4870
Keywords: Mobile Penetration Tester, Penetration Testing, Telegram Bot, Web Vulnerabilities

Abstract

The widespread of websites and web applications makes them the main target of cyber attacks. One way to increase security is to perform a penetration test. This test is carried out using the attacker's point of view to find out vulnerabilities on a website or web application and then exploit these vulnerabilities. The results of the penetration test can be used as recommendations to close the gaps that have been known through testing. Because penetration testing requires special resources such as tools and operating systems, a solution is needed to make penetration testing possible with low resources. Telegram bots that are open source offer a solution to overcome these problems. Using the SDLC waterfall approach, this bot was built to provide penetration testing services by connecting the Kali Linux server as a tools provider and the Telegram bot as an interface to users. As a result, users can access penetration testing tools anywhere and anytime via the Telegram bot. To ensure that the bot can run well, testing is carried out through black box testing and load testing. Telegram bot is a solution for integrated compact automatic mobile penetration tester with low resources. Based on load testing, the maximum limit of users who can access Telegram bots simultaneously is 35 users with the highest load average of 5.4. Based on the results of the User Acceptance Test, the Telegram bot has an acceptance rate score of 88,457 % and a questionnaire score of 774 which is an agreed area.

 

Downloads

Download data is not yet available.

References

G. Werner, S. Yang, and K. McConky, “Time series forecasting of cyber attack intensity,” ACM Int. Conf. Proceeding Ser., 2017,

I. B. M. Security, “IBM: 2021 X-Force Threat Intelligence Index,” 2021.

M. Humayun, M. Niazi, N. Jhanjhi, M. Alshayeb, and S. Mahmood, “Cyber Security Threats and Vulnerabilities: A Systematic Mapping Study,” Arab. J. Sci. Eng., vol. 45, no. 4, pp. 3171–3189, 2020,

G. Jayasuryapal, P. M. Pranay, H. Kaur, and Swati, “A Survey on Network Penetration Testing,” Proc. 2021 2nd Int. Conf. Intell. Eng. Manag. ICIEM 2021, pp. 373–378, 2021,

H. M. Z. Al Shebli and B. D. Beheshti, “A study on penetration testing process and tools,” 2018 IEEE Long Isl. Syst. Appl. Technol. Conf. LISAT 2018, pp. 1–7, 2018,

N. Bhingardeve and S. Franklin, “A Comparison Study of Open Source Penetration Testing Tools,” Int. J. Trend Sci. Res. Dev. ( IJTSRD ), pp. 2595–2597, 2018.

A. D. Nobari, N. Reshadatmand, and M. Neshati, “Analysis of telegram, an instant messaging service,” Int. Conf. Inf. Knowl. Manag. Proc., vol. Part F1318, pp. 2035–2038, 2017,

W. K. Pertiwi, “Telegram Genap Berusia 8 Tahun, Apa Saja Pencapaiannya?,” Kompas.com. 2021. [Online]. Available: https://tekno.kompas.com/read/2021/08/16/17020017/telegram-genap-berusia-8-tahun-apa-saja-pencapaiannya?page=all

R. Rianto, A. Rahmatulloh, and T. A. Firmansah, “Telegram Bot Implementation in Academic Information Services with The Forward Chaining Method,” Sinkron, vol. 3, no. 2, pp. 73–78, 2019,

G. Sastrawangsa, “Pemanfaatan Telegram Bot Untuk Automatisasi Layanan Dan Informasi Mahasiswa Dalam Konsep Smart Campus,” Konf. Nas. Sist. Inform., p. 773, 2017.

S. Yessou, “Telegram Remote-Shell,” Github. 2020. [Online]. Available: https://github.com/fnzv/trsh

H. Suryapambagya, “Telegram bot for pentest,” Github. 2018. [Online]. Available: https://github.com/AmikomVirusCommunity/telegram-bot-for-pentest

A. Muharam, “Kerja Remote, Tren Sistem Kerja Saat Ini.” 2018. [Online]. Available: https://www.logique.co.id/blog/2018/04/27/kerja-remote-tren-sistem-kerja-saat-ini/

“State of Remote Work,” Owl Labs. 2020. [Online]. Available: https://owllabs.com/state-of-remote-work/2020

H. W. Lim, “Implementing Remote Working Policy in Corporate Offices in Thailand : Strategic Facility Management Perspective,” 2021.

D. R. Bouqin, “Github,” J. Med. Libr. Assoc., vol. 103, no. 3, pp. 1667–1668, 2015.

S. Zuhri, G. I. Marthasari, and Y. Azhar, “Otomatisasi Transaksi Toko Online Berbasis Woocommerce Menggunakan Bot Telegram,” J. Repos., vol. 2, no. 6, p. 717, 2020,

M. Ridwan, I. Fitri, and B. Benrahman, “Rancang Bangun Marketplace Berbasis Website menggunakan Metodologi Systems Development Life Cycle (SDLC) dengan Model Waterfall,” J. JTIK (Jurnal Teknol. Inf. dan Komunikasi), vol. 5, no. 2, p. 173, 2021,

“Politeknik Siber dan Sandi Negara.” [Online]. Available: https://poltekssn.ac.id/

L. L. Peterson and B. S. Davie, Computer Networks: A Systems Approach. Elsevier Science, 2011. [Online]. Available: https://books.google.co.id/books?id=BvaFreun1W8C

J. Yi, “Introduction to the Telegram Bot API, Part 1 Chatbots Life,” 2019. https://chatbotslife.com/introduction-to-the-telegram-bot-api-part-1-2ae36f7b30a4 (accessed Apr. 30, 2023).

R. Bahar; Wibawa, Basuki; Situmorang, Rekayasa Perangkat Lunak: Pendekatan Terstruktur & Berorientasi Objek.

R. S, System Analysis and Design, 7th editio., vol. 02, no. 05. Wiley Publishing, Inc, 2012.

S. Chakrabartty and S. Nath Chakrabartty, “Scoring and analysis of likert scale: Few approaches,” J. Knowl. Manag. Inf. Technol., vol. 1, no. 2, pp. 31–44, 2019, [Online]. Available: https://www.researchgate.net/publication/321268871

A. Joshi, S. Kale, S. Chandel, and D. Pal, “Likert Scale: Explored and Explained,” Br. J. Appl. Sci. Technol., vol. 7, no. 4, pp. 396–403, 2015,

T. Snadhika Jaya, “Pengujian Aplikasi dengan Metode Blackbox Testing Boundary Value Analysis (Studi Kasus: Kantor Digital Politeknik Negeri Lampung),” J. Inform. J. Pengemb. IT, vol. 03, no. 02, pp. 45–48, 2018,

D. Fatiyah, A. Chusnul; Gumilang, S.F Surya; Witarsyah, “Pengujian Fungsional Dan Non Fungsional Aplikasi Web Borongajayu,” vol. 6, no. 2, pp. 2–8, 2019.

Z. M. Jiang and A. E. Hassan, “A Survey on Load Testing of Large-Scale Software Systems,” IEEE Trans. Softw. Eng., vol. 41, no. 11, pp. 1091–1118, Nov. 2015,

I. Free Software Foundation, “Monitorix.” Accessed: Jul. 20, 2022. [Online]. Available: https://www.monitorix.org/

Published
2023-06-03
How to Cite
Hafiz, N., Briliyant, O. C., Priambodo, D. F., Hasbi, M., & Siswanti, S. (2023). Remote Penetration Testing with Telegram Bot. Jurnal RESTI (Rekayasa Sistem Dan Teknologi Informasi), 7(3), 705 - 714. https://doi.org/10.29207/resti.v7i3.4870
Issue
Vol 7 No 3 (2023): June 2023
Section
Information Systems Engineering Articles

Copyright (c) 2023 Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi)

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Copyright in each article belongs to the author

  1. The author acknowledges that the RESTI Journal (System Engineering and Information Technology) is the first publisher to publish with a license Creative Commons Attribution 4.0 International License.
  2. Authors can enter writing separately, arrange the non-exclusive distribution of manuscripts that have been published in this journal into other versions (eg sent to the author's institutional repository, publication in a book, etc.), by acknowledging that the manuscript has been published for the first time in the RESTI (Rekayasa Sistem dan Teknologi Informasi) journal ;