Hackers of India

Wolverine

By  Furqan Khan   Siddharth Anbalahan  on 06 Mar 2020 @ Nullcon

This Tool Demo covers following tools where the speaker has contributed or authored
WOLVERINE

Abstract

The tool orchestrates the capabilities of multiple other open source tools in Kali-Linux, and furthermore makes great use of parallel processing, thereby reducing scan and exploitation time. Wolverine is built on top of python and Django stack and leverages rabbit-mq and celery for scheduling and queuing capabilities. The tool has nessus like GUI with a 3 tier architecture. The tool has some cool features worth mentioning given as under:

Port Scanning: The tool makes use of our favorite tool : Nmap to conduct port scanning using a python wrapper. It’s worth mentioning that our tool performs port scanning 40% faster than Nmap. The improvement in speed has to do with the concurrency and parallelism the tool offers. We shall talk more on this in the coming section. Service Scanning and Orchestration : The tool makes use of tools such as : Nmap Nse ,metasploit auxiliary , w3af ,sql-map , dns-enum , nbtscan , enum4linux , hydra , burp-suite(api) , external Python, Ruby, Perl scripts, Metasploit modules, packet sniffing/Wireshark , other cli-utilities and it exhaustively uses all kind kali Linux tools (both terminal and api) ,open source scripts which are used during the enumeration phase of pen testing. Again the service scanning also makes use of multi-processing , thereby reducing the scan time at the same time improves the enumeration results by using exhaustive number of tools / scripts. Machine Learning / ANN for predictive analysis : After service enumeration gets over , the tool makes use of a trained ANN model , to predict weather an executed test for enumeration is reporting service vulnerability or not. Based on the analysis an intermediate report is produced. Service Exploitation: The tool makes a heavy use of metasploit in order to carry out service exploitation. The results from predictive analysis suggest which metasploit exploit module can be used and automatically invokes metasploit with relevant parameters. The tool also makes use of many open source exploits from exploit db for service exploitation. AScan Profiles: The tool gives user the options to configure scan profiles that enables a user to select custom test cases against each service to be executed. Pausing resuming & Scheduling Scans: The tool gives the ability to conduct scheduled scans. Both on demand and scheduled scans can be paused and resumed. Authenticated Scans : the tool has the capability to conduct authenticated scans (smb-windows , ssh-Linux) , and conduct service enumeration , to see if there are weak file permissions ,unpatched kernel or other vectors that may lead to privilege escalation. Asset Inventory & vulnerability history: The tool maintains an asset inventory list and has the capability to tag vulnerabilities as new, existing and open as per historic scans. Orchestration with open source tools: The tool can integrate with any cli or api based open source tool without requiring any change in code. The tool uses a master catalogue that contains mapping of tools that need to get invoked for service enumeration. At any point in time, if a new tool needs to get integrated, one just needs to update the master configuration / catalogue file. Orchestration with commercial tools: The tool has the capability to integrate with other scanners such as nessus, burp suite-api, net sparker, in order to compliment the results. Open API’s: The tool is built on top of rest API, and therefore can very easily integrate with other tools. Scan Modes : The tool operates in 3 modes given as under : On demand (Scanning and Exploitation) Scheduled (Scanning & Exploitation) Sequential - On-Demand (Scanning , Reconfigure and exploitation) Terminal automation: the tool not only automates/orchestrates API based tools, it further has the capability to automate any command line tool or utility by making use of terminal automation which is powered by pexpect.