Deep Exploit

Many great publicly available tools appeared lately that use machine learning capabilities to leverage penetration testing to another level. One of these tools is Deep Exploit. It was presented at black hat conference 2018. It is a fully automated penetration test tool linked with metasploit. This great tool uses uses reinforcement learning (self-learning).

It is able to perform the following tasks:

• Intelligence gathering
• Threat modeling
• Vulnerability analysis
• Exploitation
• Post-exploitation
• Reporting

To download Deep Exploit visit its official GitHub repository: https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/DeepExploit.

It is consists of a machine learning model (A3C) and metasploit. This is a high level overview of Deep Exploit architecture:

The required environment to make Deep Exploit works properly is the following:

• Kali Linux 2017.3 (guest OS on VMWare)
  • Memory: 8.0GB
  • Metasploit framework 4.16.15-dev
• Windows 10 Home 64-bit (Host OS)
  • CPU: Intel(R) Core(TM) i7-6500U 2.50GHz
  • Memory: 16.0GB
  • Python 3.6.1 (Anaconda3)
  • TensorFlow 1.4.0
  • Keras 2.1.2