Leverage penetration testing tech using Machine Learning
Using traditional tools to gather information, scouting a target in the pentest process is almost obsolete, as well as protection layers are increasingly better designed. Traditional tools are often ineffective because they enforce the entire signature, Urabe will avoid this weakness and enforce all the calculated exploits to be valid for the defined target. I named my tool urabe, Urabe is completely automated.
This made me come up with the idea of combining machine learning into the tool to improve accuracy, identifying products that are more obvious than traditional tools that failed. Like other tools, we always need to scout the investigate features of a target product, create signature with continuous updates of the product. I have integration machine learning into the process to make the update easier and more optimize. Urabe uses deep learning to improve classification accuracy proportional to the amount of learning data. Every time you use Urabe to reconnaissance the target, it will constantly take data to learning. Urabe will handle all HTTP headers of a response request, using them as data to learn, the more Urabe you use, the more accurate the detection of components and software will increase. Urabe can help you scout information such as (OS, Middleware, Framework, CMS, etc …) based on the collected learning data. It will eliminate false information as well as test the penetration of the target and create results reports. Urabe consists of 4 main engines to run: – Software analysis apply Deep Learning
- CVE Searching Analysis
- Signature generates apply Deep Learning
- Report generates
Urabe will minimize boring work in the process and increase the accuracy of the work. We can also understand that the urabe develops itself by applying ML.
Tai Nguyen Anh
I am an independent security researcher, bug hunter/threat hunter and leader a security team.
I hack everything in planet.
Bounty of Uber, Grab, Yahoo, Crowdstrike, Cloudflare, Twitter, Pornhub, Adobe, Mail.Ru, VK, etc.
I code with free style!
I don’t like certificates, so I don’t have it.
I love working with cloud computing, Programmable Cloud Computing
Sponsors and Supporting Organizations
Networking Lounge Sponsor