Hackers of India

Kubebot - Scaleable and Automated Testing Slackbot with the Backend Running on Kubernetes

By  Anshuman Bhartiya  on 27 Jul 2017 @ Blackhat : Arsenal

This Tool Demo covers following tools where the speaker has contributed or authored
KUBEBOT

Abstract

Security Testing, or for that matter any sort of testing, is still being done in ways that are not really scalable and extensible. Testers like to write their own tools/scripts and run them locally on their system. There are many problems that plague this kind of approach for testing.

We will be discussing some of these problems and releasing a new tool - KubeBot - that was primarily built for automating and scaling bug bounties i.e. something that would run multiple tools on a schedule against multiple targets and only returns back the output from these tools if the output changes.

However, over time, it has proven out to be a more generic framework that can be leveraged as a harness to run any security testing tool and is easily scaleable (because of Kubernetes in the backend). It is extensible and provides a nice front end in the form of a Slackbot so that you can look at the results on a real-time basis.