Attack Planning

Today penetration testing is a highly manual practice, which requires an knowledgeable operator with the right toolset. Some task performed by penetration testers have been automated by complex tools, such as Core Impact. Yet the pen-testing requires making decisions as to which is the best next step and being able to judge the information available after each step.

We are interested in solving this problem: The user is able to input a scenario and attack goals, and the solution then considers possible attack paths before selecting an optimal one. One may choose to gain root privileges on a machine with a given IP address minimizing the time; or to delete the database in a given server maximizing stealth capabilities, etc. The solution automatically crafts the planning, step-by-step, required to achieve each goal. Each step must be an action in the pen-testing framework at use.

Publications