Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcement Learning
===
:::info
- **Date:** Oct.30th 15:50-16:20
- **Speaker:** Isao_Takaesu
- **Category:** Bluebox - 1F HALL
> DeepExploit is fully automated penetration testing tool using Deep Reinforcement Learning. It identifies the status of all opened ports on the target server and executes the exploit at pinpoint. DeepExploit’s key features are the following:<br><br>1) Efficiently execute exploit:<br>DeepExploit can execute exploits at pinpoint (minimum 1 attempt).<br><br>2) Deep penetration:<br>If DeepExploit succeeds the exploit to the target server (=compromised server) with in the perimeter network, then it executes the exploit to internal servers via compromised server.<br><br>3) Self-learning:<br>DeepExploit can learn how to exploitation by itself.<br><br>By using our DeepExploit, you will benefit from the following:<br><br>For penetration testers:<br>(a) They can greatly improve the test efficiency;<br>(b) The more penetration testers use DeepExploit, DeepExploit learns how to method of exploitation using Deep Reinforcement learning. As a result, accuracy of test can be improved.<br><br>For Information Security Officers:<br>(c) They can quickly identify vulnerabilities of own servers. As a result, prevent that attackers attack to your servers using vulnerabilities, and protect your reputation by avoiding the negative media coverage after breach.<br>Because attack methods to servers are evolving day by day, there is no guarantee that yesterday’s security countermeasures are safety today. It is necessary to quickly find vulnerabilities and take countermeasures. DeepExploit will contribute greatly to maintaining your safety.
:::
###### tags: `CODEBLUE2019` `CODEBLUE`