Tested - Kali 2022.1

Description

With this tool written for endpoint security, attack vectors will be carried out from different networks for vulnerable web applications to be located at the endpoint. It is a cyber security control verification platform made to check how many attack vectors are passed by security devices between two networks. It has been developed to be explained in trainings.

Features

Information is collected in the following contents.

Vulnerable SOAP Service Command Injection Control

Vulnerable SOAP Service SQL Injection Control

Vulnerable SOAP Service Information Disclosure Control

Vulnerable SOAP Service LFI Control

Vulnerable Flask App. SQL Injection Control

Vulnerable Flask App. HTML Injection Control

Vulnerable Flask App. SSTI Control

Vulnerable Flask App. Command Injection Control

Installation

git clone https://github.com/anil-yelken/cyber-security-control-validation-platform

cd cyber-security-control-validation-platform

sudo pip3 install -r requirements.txt

Usage

First, the servers are located and run on the internal network.

The control.py that will attack is placed on the desired network and run.

Contact

https://twitter.com/anilyelken06

https://medium.com/@anilyelken

https://github.com/anil-yelken