This talk is about the Attack Team Automation Tool [ATAT]. 3N|GmA wrote this tool to create repeatability and increase efficiency in large scale penetration tests. Are you Feeling Vader’s impending choke hold when large scopes are handed down with numerous targets and a large number of duplicate exploits to be handled across several disparate targets? Do you receive incomplete vulnerability reports from your vulnerability scanners that require you to identify which port each target has the identified service running on? Does your team have to accomplish high volume and high value repeatable penetration tests with industry standard tools at a fraction of the time it would normally take? If the answer to any of these questions is yes, maybe, or just a defeated sigh; then it is time to fire up your brand new ATAT and charge those shield generators like Greedo in a tuxedo! Yeah, I’m not really sure what that last line was supposed to mean either. Just git clone ATAT. You’ll see what I mean.:) – This talk will go over the impetus, origin, and substance of ATAT along with detailing the following features: payload creation, multi-target & multi-port exploitation for an array of different exploit types, multi-target & multi-port auxiliary module functionality, multi-target load balance detection, multi-target masscaning of all TCP ports, multi-target SSLScanning and result parsing, automated MSF & PSE post-exploitation, cross platform (win, Linux, BSD, android) AV evading persistence, Powershell Empire automation, wireless assessment automation – with tons of demos!
Click on the Slides button above to download the slides.