Towards Scalable Automated Vulnerability Scanning & Exploitation
2020-07-29T21:21:46Z (GMT) by
Offensive security assessments, where expert hackers attack a network to document vulnerabilities that can be exploited, are one way to approach network security. These assessments provide useful insights but can often be time-consuming and expensive. Automating offensive security assessments can decrease time and monetary expenses. Current works on automating offensive security assessments focus on exploitation or post-exploitation actions, but not both. We present the Scalable Automated Vulnerability scanning & Exploitation Tool (SAVE-T), which consists of additions to an existing automated tool for offensive security assessments. The additions made here add support for various architectures, exploitation capabilities, service fingerprinting, and enhanced decision-making conditions. SAVE-T allows an automated system to perform both exploitation and post-exploitation actions to provide more coverage and reliability for automated offensive security assessments in a scalable manner.
We demonstrate the tool on networks of increasing size containing Windows workstation operating systems from XP to Windows 10, Windows server operating systems from Server '08 R2 to Server 2016, Ubuntu, and IoT devices such as Raspberry Pi and IP cameras.