GyoiThon: growing penetration test tool using Machine Learning

GyoiThon: growing penetration test tool using Machine Learning

Category : Blog

GyoiThon

GyoiThon is a growing penetration test tool using Deep Learning. Deep Learning improves classification accuracy in proportion to the amount of learning data. Therefore, GyoiThon will be taking in new learning data during every scan. Since GyoiThon uses various features of software included in HTTP response as learning data, the more you scan, the more the accuracy of software detection improves. For this reason, GyoiThon is a growing penetration test tool.

GyoiThon identifies the software installed on web server (OS, Middleware, Framework, CMS, etc…) based on the learning data. After that, GyoiThon executes valid exploits for the identified software. GyoiThon automatically generates reports of scan results. GyoiThon executes the above processing automatically.

GyoiThon

 

GyoiThon consists of three engines:

  • Software analysis engine – It identifies software based on HTTP response obtained by normal access to web server using Deep Learning base and signature base.
  • Vulnerability determination engine – It collects vulnerability information corresponding to identify software by the software analysis engine. And, the engine executes an exploit corresponding to the vulnerability of the software and checks whether the software is affected by the vulnerability.
  • Report generation engine – It generates a report that summarizes the risks of vulnerabilities and the countermeasure.

engine

 

Processing flow:

Step 1. Gather HTTP responses.

Gathers several HTTP responses of target website while crawling.

HTTP

 

Step 2. Identify product name.

It identifies product name installed on web server using following two methods.

product

 

1. Based on Machine Learning.

By using Machine Learning (Naive Bayes), it identifies software based on a combination of slightly different features (Etag value, Cookie value, specific HTML tag etc.) for each software. Naive Bayes is learned using the training data which example below (Training data). Unlike the signature base, Naive Bayes is stochastically identified based on various features included in HTTP response when it cannot be identified software in one feature.

Machine

 

2. Based on String matching.

It can identify the CMS Drupal. It is very easy.

Drupal

Step 3. Exploit using Metasploit.

Executes exploit corresponding to the identified software using Metasploit and it checks whether the software is affected by the vulnerability.

Metasploit

 

Step 4. Generate scan report.

Generates a report that summarizes vulnerabilities. Report’s style is html.

report

 

Most Popular Training Courses at Indian Cyber Security Solutions:

 

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

 RHCE  training

CEH V9  training

Diploma in Network Security Training

Secure Coding in Java

Diploma in Web Application Security 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advanced Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 

Digital marketing

CCNA training

Android Training

 

Cybersecurity services that can protect your company:

 

Web Security | Web Penetration Testing

Network Penetration Testing – NPT

Android App Penetration Testing

Source Web Development

Source Code Review

Android App Development

Digital Marketing Consultancy

Data Recovery


Leave a Reply

Show Buttons
Hide Buttons