Image credit: [Parameter Security]

ATAT: How to take on the entire rebellion with 2 or 3 stormtroopers - ll3n1GmAll

Image credit: [Parameter Security]

ATAT: How to take on the entire rebellion with 2 or 3 stormtroopers - ll3n1GmAll

Abstract

This talk is about the Attack Team Automation Tool [ATAT]. 3N|GmA wrote this tool to create repeatability and increase efficiency in large scale penetration tests. Are you Feeling Vader’s impending choke hold when large scopes are handed down with numerous targets and a large number of duplicate exploits to be handled across several disparate targets? Do you receive incomplete vulnerability reports from your vulnerability scanners that require you to identify which port each target has the identified service running on? Does your team have to accomplish high volume and high value repeatable penetration tests with industry standard tools at a fraction of the time it would normally take? If the answer to any of these questions is yes, maybe, or just a defeated sigh; then it is time to fire up your brand new ATAT and charge those shield generators like Greedo in a tuxedo! Yeah, I’m not really sure what that last line was supposed to mean either. Just git clone ATAT. You’ll see what I mean.:) – This talk will go over the impetus, origin, and substance of ATAT along with detailing the following features: payload creation, multi-target & multi-port exploitation for an array of different exploit types, multi-target & multi-port auxiliary module functionality, multi-target load balance detection, multi-target masscaning of all TCP ports, multi-target SSLScanning and result parsing, automated MSF & PSE post-exploitation, cross platform (win, Linux, BSD, android) AV evading persistence, Powershell Empire automation, wireless assessment automation – with tons of demos!

Date
Location
Saint Charles, Missouri

Click on the Slides button above to download the slides.

Avatar
David Vaughan
ObsessioExploitio, Passionate Distributor of Knowledge, InfosecDentist, Penetration Tester, Lock Exploiter, BSidesSTL Co-Founder, 31337 80X (Elite Box) Founder

3N|GmA is a lifelong security addict/enthusiast who began his journey back in the days of AOL 2.0/2.5, LuciferX, Methodus Toolz, Lethal Fragment, sub7, etc. He was instantly “Addicted from the start and it wasn’t endin’ soon”. 3N|GmA developed a passion for penetration testing and learning how to make things work; especially things that were never designed to work. Fast forward through times better left undocumented; and as a result, he became a full time penetration tester, co-founder of BSidesSTL, and lock pick village guy thanks to Irongeek & Parameter Security.