Deep Exploit

A Penetration testing tool built using Machine Learning.


Deep Exploit is a fully automated penetration testing tool built on machine learning. The tool is said to be linked with Metasploit.

Workflow

The machine learning exploitation tool has two operational modes:

1. Intelligence mode

2. Brute Force mode

Intelligence Mode

The intelligence mode consists of 5 steps:

- Port scan the target server

In this phase, Nmap is used to enumerate the target server's information. Later on, Metasploit commands (Hosts and Services) are executed via the RPC API.

These commands fetch information such as the running OS, the open ports, the services running on those ports and the versions of those services.

- Exploit using metasploit for training


Deep Exploit uses a learning model called A3C to learn the exploitation methodology. Vulnerable servers such as Metasploitable2 and Metasploitable3 are used for the training.

- Exploit using metasploit for testing

- Post exploit

- Create Report

The report is generated in HTML format and gives insight into the identified vulnerabilities.

Brute Force Mode

In this mode, the tool executes exploits using all combinations of exploit module, target and payload corresponding to the product name and port number indicated by the user.

The four steps of Brute force mode:

- Get target products from user input

- Exploit using metasploit

- Post exploit

- Generate report

How to use

1. Initialize the Metasploit database

Initialize the Metasploit database (PostgreSQL) with the msfdb command: msfdb init

2. Launch Metasploit with the command msfconsole

3. Launch the RPC server by executing the command: load msgrpc ServerHost=192.168.220.144 ServerPort=55553 User=test Pass=test121

4. Edit config.ini

In config.ini, you need to edit several parameters: server_host, server_port, msgrpc_user, msgrpc_pass and lhost.

5. Train Deep Exploit

Intelligence mode comes into the picture now.

python DeepExploit.py -t vulnerable host IP -m train

-t is the IP address of the training host, which is vulnerable (i.e. Metasploitable2)

-m is the mode, which is "train" in our case

6. Test using trained Deep Exploit

Execute Deep Exploit on the client machine in test mode.

python DeepExploit.py -t target host IP -m test

-t is the IP address of the target host

-m is the mode, which is "test" in this phase

7. Check the generated report

Run the following command to open the generated report: firefox "Deep Exploit root path"/report/DeepExploit_report.html

You can use any browser to open the report.
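A pre-flight check for steps 3 and 4, as an added example that is not part of Deep Exploit or of the original article: it compares config.ini with the load msgrpc command and flags an RPC listener or lhost that is not on a specific private lab address. The [Common] section name, the 12-character password minimum and the sample config.ini values are assumptions.

```python
import configparser
import ipaddress
import shlex

REQUIRED = ("server_host", "server_port", "msgrpc_user", "msgrpc_pass", "lhost")
# Constructed sample input: the step-3 command and a config.ini that drifted from it.
SAMPLE_LOAD = "load msgrpc ServerHost=192.168.220.144 ServerPort=55553 User=test Pass=test121"
SAMPLE_INI = """[Common]
server_host = 192.168.220.144
server_port = 55553
msgrpc_user = test
msgrpc_pass = test1234
lhost = 192.168.220.144
"""

def parse_msgrpc_load(command):
    """Turn 'load msgrpc Key=Value ...' into a dict of its options."""
    tokens = shlex.split(command)
    if tokens[:2] != ["load", "msgrpc"]:
        raise ValueError("not a 'load msgrpc' command")
    return dict(tok.split("=", 1) for tok in tokens[2:] if "=" in tok)

def check_lab_config(ini_text, load_command, section="Common"):
    """Return a list of problems; an empty list means the settings agree."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(ini_text)
    if not cfg.has_section(section):  # section name is an assumption
        return [f"missing section [{section}]"]
    opts = cfg[section]
    problems = [f"missing parameter: {k}" for k in REQUIRED if not opts.get(k, "").strip()]
    if problems:
        return problems
    rpc = parse_msgrpc_load(load_command)
    for ini_key, rpc_key in (("server_host", "ServerHost"), ("server_port", "ServerPort"),
                             ("msgrpc_user", "User"), ("msgrpc_pass", "Pass")):
        if opts[ini_key].strip() != rpc.get(rpc_key):
            problems.append(f"{ini_key} does not match {rpc_key} in the load command")
    for key in ("server_host", "lhost"):
        try:
            addr = ipaddress.ip_address(opts[key].strip())
        except ValueError:
            problems.append(f"{key} is not an IP address")
            continue
        # 0.0.0.0 counts as "private" in ipaddress, so test the wildcard first.
        if addr.is_unspecified or not (addr.is_private or addr.is_loopback):
            problems.append(f"{key} is not a specific private or loopback address")
    if len(opts["msgrpc_pass"]) < 12:  # minimum length is an assumption
        problems.append("msgrpc_pass is shorter than 12 characters")
    return problems
```

Calling check_lab_config(SAMPLE_INI, SAMPLE_LOAD) on the constructed sample reports the password mismatch between the two files and the short password.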

The tool is said to have efficient exploitation functionality along with deep penetration test cases. Its notable feature is that it is self-learning and needs very little time to learn, as it has adopted the advanced machine learning model called A3C.

You can download the tool from here
