Abstract

Toliman is a Hadoop Penetration Testing and Security Audit tool with the following main objectives: Evaluate how secure is a given Hadoop Deployment, and develop a Swiss Knife for Hadoop Pentesting and Security Audit. It is one of the first tools of its kind and we hope that it will a long way in this direction.

Some of the capabilities of the tool are as follows:

Hadoop Version Detection (< 2.x or > 2.x) Services Identification Fingerprinting Security Audit of Configuration Validate Authentication and Authorization Stealing Sensitive Information Exploitation Modules: Malicious MR Job, Container Permission Analysis Toliman will have following modes:

Information Gathering (IG) Configuration Audit (AG) Safe Exploitation (S-EX) Thunder (Complete Exploitation)