DEVELOPMENT OF A REMOTE ACCESS TOOL FOR PENTEST AUTOMATION IN GO
Keywords:
Pentesting automation, remote access, information security, golang programming language, information security threatsAbstract
In the context of growing significance of information security, the automation of penetration testing processes becomes an indispensable tool for effectively protecting modern digital systems. When conducting audits and penetration tests, it is crucial for businesses and research teams to have a flexible tool at their disposal that provides a high degree of control over remote nodes with minimal physical intervention. The goal of this study is to develop and implement a remote access tool for automating security testing in the Go programming language. Thanks to Go’s compactness and expressiveness, the developers were able to create a solution that enables comprehensive audits of information systems under limited physical access conditions while efficiently managing the testing process.This article provides a detailed overview of the architectural solutions and functional features of the tool. Its key modules include components for accessing the file system, console, and proxying network connections, making the tool versatile and convenient at different stages of penetration testing. In addition, special attention is paid to security issues and fault tolerance, as remote operations require robust encryption and effective risk management. During testing, a comparison was made with existing solutions, which revealed significant advantages of the proposed approach in terms of speed and reliability in detecting vulnerabilities.The results of the study confirm that the developed tool can accurately identify critical flaws and entry points that attackers might exploit. Moreover, it not only accelerates the vulnerability identification process but also simplifies documentation and reproduction during security planning. Consequently, the proposed solution significantly enhances the efficiency of security assurance and contributes to better protection of valuable information assets—an especially relevant outcome given the ever-evolving landscape of cyber threats.
