Automated computer system security compromise
First Claim
1. A system for performing penetration testing of a target computer network by installing a remote agent in the target computer network, the system comprising:
- a local agent provided in a console and configured to receive and execute commands, wherein the local agent further comprises a system-calls proxy server, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language;
a user interface provided in the console and configured to send commands to and receive information from the local agent, process the information, and present the processed information;
a database configured to store the information received from the local agent;
a network interface connected to the local agent and configured to communicate via a network with the remote agent installed in the target computer network; and
security vulnerability exploitation modules for execution by the local agent and/or the remote agent.
13 Assignments
0 Petitions
Accused Products
Abstract
A system is provided for performing penetration testing of a target computer network by installing a remote agent in the target computer network. The system includes a local agent provided in a computer console and configured to receive and execute commands. A user interface is provided in the console and configured to send commands to and receive information from the local agent, process the information, and present the processed information. A database is configured to store the information received from the local agent. A network interface is connected to the local agent and configured to communicate with the remote agent installed in the target computer network via a network. Security vulnerability exploitation modules are provided for execution by the local agent and/or the remote agent.
70 Citations
15 Claims
-
1. A system for performing penetration testing of a target computer network by installing a remote agent in the target computer network, the system comprising:
- a local agent provided in a console and configured to receive and execute commands, wherein the local agent further comprises a system-calls proxy server, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language;
a user interface provided in the console and configured to send commands to and receive information from the local agent, process the information, and present the processed information;
a database configured to store the information received from the local agent;
a network interface connected to the local agent and configured to communicate via a network with the remote agent installed in the target computer network; and
security vulnerability exploitation modules for execution by the local agent and/or the remote agent. - View Dependent Claims (2, 3)
- a local agent provided in a console and configured to receive and execute commands, wherein the local agent further comprises a system-calls proxy server, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language;
-
4. A method for performing penetration testing of a target computer network, comprising:
- installing a remote agent in the target computer network;
executing a command using a local agent provided in a console, wherein the local agent further comprises a system-calls proxy server, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language;
receiving information from the local agent in a user interface provided in the console;
presenting the information received from the local agent to a user;
storing the information received from the local agent in a database;
communicating via a network with the remote agent installed in the target computer network; and
providing security vulnerability exploitation modules for execution by the local agent and/or the remote agent. - View Dependent Claims (5, 6)
- installing a remote agent in the target computer network;
-
7. A system for performing penetration testing of a target computer network, the system comprising:
- a memory; and
a processor configured by the memory to perform the steps of;
installing a remote agent in the target computer network;
executing a command using a local agent provided in a console, wherein the local agent further comprises a system-calls proxy server, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language;
receiving information from the local agent in a user interface provided in the console;
presenting the information received from the local agent to a user;
storing the information received from the local agent in a database;
communicating via a network with the remote agent installed in the target computer network; and
providing security vulnerability exploitation modules for execution by the local agent and/or the remote agent. - View Dependent Claims (8, 9)
- a memory; and
-
10. A method for performing penetration testing of a target network, comprising the steps of:
- executing a first module in a console having a user interface, the first module being configured to exploit a security vulnerability in a first target host of the target network;
installing a first remote agent in the first target host, the first remote agent being configured to communicate with the console and a second remote agent; and
executing a second module in the first remote agent, the second module being configured to exploit a security vulnerability in a second target host of the target network, wherein the console further comprises a local agent wherein the local agent further comprises a system-calls proxy server, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language. - View Dependent Claims (11)
- executing a first module in a console having a user interface, the first module being configured to exploit a security vulnerability in a first target host of the target network;
-
12. A system for performing penetration testing of a target network, comprising:
- a console having a user interface;
a first module configured to execute in the console to exploit a security vulnerability in a first target host of the target network;
a first remote agent installed in the first target host, the first remote agent being configured to communicate with the console and a second remote agent; and
a second module configured to execute in the first remote agent to exploit a security vulnerability in a second target host of the target network, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language. - View Dependent Claims (13)
- a console having a user interface;
-
14. A system for performing penetration testing of a target network, the system comprising:
- a memory; and
a processor configured by the memory to perform the steps of;
executing a first module in a console having a user interface, the first module being configured to exploit a security vulnerability in a first target host of the target network;
installing a first remote agent in the first target host, the first remote agent being configured to communicate with the console and a second remote agent; and
executing a second module in the first remote agent, the second module being configured to exploit a security vulnerability in a second target host of the target network, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language. - View Dependent Claims (15)
- a memory; and
Specification