GyoiThon is a growing penetration test tool using Deep Learning. Deep Learning improves classification accuracy in proportion to the amount of learning data. Therefore, GyoiThon will be taking in new learning data during every scan. Since GyoiThon uses various features of software included in HTTP response as learning data, the more you scan, the more the accuracy of software detection improves. For this reason, GyoiThon is a growing penetration test tool.
GyoiThon identifies the software installed on web server (OS, Middleware, Framework, CMS, etc…) based on the learning data. After that, GyoiThon executes valid exploits for the identified software. GyoiThon automatically generates reports of scan results. GyoiThon executes the above processing automatically.
GyoiThon consists of three engines:
- Software analysis engine – It identifies software based on HTTP response obtained by normal access to web server using Deep Learning base and signature base.
- Vulnerability determination engine – It collects vulnerability information corresponding to identify software by the software analysis engine. And, the engine executes an exploit corresponding to the vulnerability of the software and checks whether the software is affected by the vulnerability.
- Report generation engine – It generates a report that summarizes the risks of vulnerabilities and the countermeasure.
Traditional penetration testing tools are very inefficient because they execute all signatures; however, unlike traditional penetration testing tools, GyoiThon is very efficient because it executes only valid exploits for the identified software. As a result, the user’s burden will be greatly reduce, and GyoiThon will greatly contribute to the security improvement of many web servers.