mushikago-femto: automated penetration testing and first aid tool

MUSHIKAGO-femto is an automated penetration testing and first aid tool, which focuses on the verification of post-exploitation.

Features

• Full automatic penetration testing tool
• IT penetration testing
• OT/ICS penetration testing (Only device identification and protocol checking)
• First aid function (Automated patch or inject thin IPS)

Abstract

MUSHIKAGO-femto is an automated penetration testing and first aid tool, which mainly focuses on the verification of post-exploitation. MUSHIKAGO-femto uses game AI technology to select and execute the most appropriate test content based on the environment on spot.

Contents of Penetration testing

• Collecting device information (Only range of private ip addresses)
  • OS
  • NIC vendor
  • Open TCP/IP port
• Collecting User account detection
  • Local user account
  • Local user account password & hash
  • Domain user account
  • Domain user account password & hash
• Collecting OS patch & Vulnerabilities
• Collecting Network information
  • IP address information assigned to the NIC
  • Established network
• Collecting Network drive
• Capturing Network
• Collecting Secret file
  • Pre-designated file (mushikago_secret.txt)
• Collecting Process list
• Collecting Security product process
  • AntiVirus Software
    • Panda
    • Kaspersky
    • Tanium
    • AVG/AVAST
    • SEP (Symantec Endpoint Protection)
    • Windows Defender
    • McAfee
    • Sophos
    • Malwarebytes
  • EDR (Endpoint Detection & Response)
    • Carbon Black
    • CrowdStrike
    • FireEye
    • ESET
    • F-Secure
• Lateral Movement (Mainly Windows only)
  • Exploiting vulnerability
  • Using credentials
• ICS detection
  • ICS Protocol identify
  • ICS vendor identify

Install & Use

Copyright 2021 Powder Keg Technologies