- CXO Track
- For You
- Horror Stories from Hacker World
- Resume Clinic
- Goa 2020
Furqan Khan & Siddharth Anbalahan
The tool orchestrates the capabilities of multiple other open source tools in Kali-Linux, and furthermore makes great use of parallel processing, thereby reducing scan and exploitation time. Wolverine is built on top of python and Django stack and leverages rabbit-mq and celery for scheduling and queuing capabilities. The tool has nessus like GUI with a 3 tier architecture. The tool has some cool features worth mentioning given as under:
- Port Scanning: The tool makes use of our favorite tool : Nmap to conduct port scanning using a python wrapper. It’s worth mentioning that our tool performs port scanning 40% faster than Nmap. The improvement in speed has to do with the concurrency and parallelism the tool offers. We shall talk more on this in the coming section.
- Service Scanning and Orchestration : The tool makes use of tools such as : Nmap Nse ,metasploit auxiliary , w3af ,sql-map , dns-enum , nbtscan , enum4linux , hydra , burp-suite(api) , external Python, Ruby, Perl scripts, Metasploit modules, packet sniffing/Wireshark , other cli-utilities and it exhaustively uses all kind kali Linux tools (both terminal and api) ,open source scripts which are used during the enumeration phase of pen testing. Again the service scanning also makes use of multi-processing , thereby reducing the scan time at the same time improves the enumeration results by using exhaustive number of tools / scripts.
- Machine Learning / ANN for predictive analysis : After service enumeration gets over , the tool makes use of a trained ANN model , to predict weather an executed test for enumeration is reporting service vulnerability or not. Based on the analysis an intermediate report is produced.
- Service Exploitation: The tool makes a heavy use of metasploit in order to carry out service exploitation. The results from predictive analysis suggest which metasploit exploit module can be used and automatically invokes metasploit with relevant parameters. The tool also makes use of many open source exploits from exploit db for service exploitation.
- AScan Profiles: The tool gives user the options to configure scan profiles that enables a user to select custom test cases against each service to be executed.
- Pausing resuming & Scheduling Scans: The tool gives the ability to conduct scheduled scans. Both on demand and scheduled scans can be paused and resumed.
- Authenticated Scans : the tool has the capability to conduct authenticated scans (smb-windows , ssh-Linux) , and conduct service enumeration , to see if there are weak file permissions ,unpatched kernel or other vectors that may lead to privilege escalation.
- Asset Inventory & vulnerability history: The tool maintains an asset inventory list and has the capability to tag vulnerabilities as new, existing and open as per historic scans.
- Orchestration with open source tools: The tool can integrate with any cli or api based open source tool without requiring any change in code. The tool uses a master catalogue that contains mapping of tools that need to get invoked for service enumeration. At any point in time, if a new tool needs to get integrated, one just needs to update the master configuration / catalogue file.
- Orchestration with commercial tools: The tool has the capability to integrate with other scanners such as nessus, burp suite-api, net sparker, in order to compliment the results.
- Open API’s: The tool is built on top of rest API, and therefore can very easily integrate with other tools.
- Scan Modes : The tool operates in 3 modes given as under :
- On demand (Scanning and Exploitation)
- Scheduled (Scanning & Exploitation)
- Sequential - On-Demand (Scanning , Reconfigure and exploitation)
- Terminal automation: the tool not only automates/orchestrates API based tools, it further has the capability to automate any command line tool or utility by making use of terminal automation which is powered by pexpect.
Furqan Khan is a security researcher who loves to innovate in Python, pentesting, ML, AI, and big data ecosystems With a gold medal at both M.Tech and B.Tech, he started off as a research scientist at NITK, where he developed a web app scanner for the Ministry of IT (India). He then worked as a security researcher with Paladion Networks and Wipro Dubai exploring pentesting/exploitation space where he developed tools such as vulnerability scanner and a threat intelligence platform. Currently, he is working with Du- Telecom Dubai as a pentesting manager. Along with having OSCP certification ,he has published a book on python & penetration testing (https://www.amazon.in/Hands-Penetration-Testing-Python-intelligent- ebook/dp/B07G859QPL) and furthermore has co-authored white papers and journals with Springer and Elsevier, and has also presented his research and development work at international conferences, including CoCon.
Furqan also has multiple CVE's to his name (CVE-2019-13498,CVE-2019- 13497,CVE-2019-13496)
Siddharth Anbalahan has an Experienced Security Manager with a demonstrated history of working in the electrical and electronic manufacturing industry. Skilled in Secure Code Review, Linux, Python and Information Security. 10 years of experience in Software Security Testing and Penetration Testing, in the areas of Web, Embedded Systems and Mobile Applications. Co-author of the book “Application Security in the ISO 27001 Environment” Presented at many international conferences OWASP, RSA. Conducted Training at OWASP Infosec 2012 New Delhi –“Advanced Security Code Reviews”. Conducted Training at OWASP Appsec USA – San Francisco – 2015 “Securely Designing and Developing with Popular MVC Frameworks”. Presented a Talk at RSA Conference Abu Dhabi – 2015 – “ARM A Security Opportunity against Advanced Persistent Threats”