dedsploit – Framework For Attacking Network Protocols

Framework for attacking network protocols and network exploitation. I. Introduction I don’t look back anymore. I don’t regret. I look forward Aiden Pearce Yes, Watch Dogs has heavily influenced us when writing this framework. This entire…

Wifijammer – Continuously Jam All Wifi Clients/Routers

Continuously jam all wifi clients and access points within range. The effectiveness of this script is constrained by your wireless card. Alfa cards seem to effectively jam within about a block radius with heavy access point saturation. Granulari…

deep-pwning – Metasploit for Machine Learning

Deep-pwning is a lightweight framework for experimenting with machine learning models with the goal of evaluating their robustness against a motivated adversary.
Note that deep-pwning in its current state is no where close to maturity or completion. It is meant to be experimented with, expanded upon, and extended by you. Only then can we help it truly become the goto penetration testing toolkit for statistical machine learning models.

Researchers have found that it is surprisingly trivial to trick a machine learning model (classifier, clusterer, regressor etc.) into making an objectively wrong decisions. This field of research is called Adversarial Machine Learning . It is not hyperbole to claim that any motivated attacker can bypass any machine learning system, given enough information and time. However, this issue is often overlooked when architects and engineers design and build machine learning systems. The consequences are worrying when these systems are put into use in critical scenarios, such as in the medical, transportation, financial, or security-related fields.
Hence, when one is evaluating the efficacy of applications using machine learning, their malleability in an adversarial setting should be measured alongside the system’s precision and recall.
This tool was released at DEF CON 24 in Las Vegas, August 2016, during a talk titled Machine Duping 101: Pwning Deep Learning Systems .
This framework is built on top of Tensorflow , and many of the included examples in this repository are modified Tensorflow examples obtained from the Tensorflow GitHub repository .
All of the included examples and code implement deep neural networks , but they can be used to generate adversarial images for similarly tasked classifiers that are not implemented with deep neural networks. This is because of the phenomenon of ‘transferability’ in machine learning, which was Papernot et al. expounded expertly upon in this paper . This means means that adversarial samples crafted with a DNN model A may be able to fool another distinctly structured DNN model B , as well as some other SVM model C .
This figure taken from the aforementioned paper (Papernot et al.) shows the percentage of successful adversarial misclassification for a source model (used to generate the adversarial sample) on a target model (upon which the adversarial sample is tested).

Deep-pwning is modularized into several components to minimize code repetition. Because of the vastly different nature of potential classification tasks, the current iteration of the code is optimized for classifying images and phrases (using word vectors).
These are the code modules that make up the current iteration of Deep-pwning:

  1. Drivers
    The drivers are the main execution point of the code. This is where you can tie the different modules and components together, and where you can inject more customizations into the adversarial generation processes.
  2. Models
    This is where the actual machine learning model implementations are located. For example, the provided lenet5 model definition is located in the model() function witihn . It defines the network as the following:
      -> Input
    -> Convolutional Layer 1
    -> Max Pooling Layer 1
    -> Convolutional Layer 2
    -> Max Pooling Layer 2
    -> Dropout Layer
    -> Softmax Layer
    -> Output

    LeCun et al. LeNet-5 Convolutional Neural Network

  3. Adversarial (advgen)
    This module contains the code that generates adversarial output for the models. The run() function defined in each of these advgen classes takes in an input_dict , that contains several predefined tensor operations for the machine learning model defined in Tensorflow. If the model that you are generating the adversarial sample for is known, the variables in the input dict should be based off that model definition. Else, if the model is unknown, (black box generation) a substitute model should be used/implemented, and that model definition should be used. Variables that need to be passed in are the input tensor placeholder variables and labels (often refered to as x -> input and y_ -> labels), the model output (often refered to as y_conv ), and the actual test data and labels that the adversarial images will be based off of.
  4. Config
    Application configurations.
  5. Utils
    Miscellaneous utilities that don’t belong anywhere else. These include helper functions to read data, deal with Tensorflow queue inputs etc.

These are the resource directories relevant to the application:

  1. Checkpoints
    Tensorflow allows you to load a partially trained model to resume training, or load a fully trained model into the application for evaluation or performing other operations. All these saved ‘checkpoints’ are stored in this resource directory.
  2. Data
    This directory stores all the input data in whatever format that the driver application takes in.
  3. Output
    This is the output directory for all application output, including adversarial images that are generated.

Getting Started

Please follow the directions to install tensorflow found here which will allow you to pick the tensorflow binary to install.

$ pip install -r requirements.txt

Execution Example (with the MNIST driver)
To restore from a previously trained checkpoint. (configuration in config/mnist.conf)

$ cd dpwn
$ python --restore_checkpoint

To train from scratch. (note that any previous checkpoint(s) located in the folder specified in the configuration will be overwritten)

$ cd dpwn
$ python

Task list

  • Implement saliency graph method of generating adversarial samples
  • Add defense module to the project for examples of some defenses proposed in literature
  • Upgrade to Tensorflow 0.9.0
  • Add support for using pretrained word2vec model in sentiment driver
  • Add SVM & Logistic Regression support in models (+ example that uses them)
  • Add non-image and non-phrase classifier example
  • Add multi-GPU training support for faster training speeds


Note that dpwn requires Tensorflow 0.8.0. Tensorflow 0.9.0 introduces some

(borrowed from the amazing Requests repository by kennethreitz)

  • Check for open issues or open a fresh issue to start a discussion around a feature idea or a bug.
  • Fork the repository on GitHub to start making your changes to the master branch (or branch off of it).
  • Write a test which shows that the bug was fixed or that the feature works as expected.
  • Send a pull request and bug the maintainer until it gets merged and published. 🙂 Make sure to add yourself to .

There is so much impressive work from so many machine learning and security researchers that directly or indirectly contributed to this project, and inspired this framework. This is an inconclusive list of resources that was used or referenced in one way or another:




pwdlyser – Python-based CLI Password Analyser (Reporting Tool)

The ‘pwdlyser’ tool is a Python-based CLI script that automates the arduous process of manually reviewing cracked passwords during password audits following security assessments or penetration tests. There are likely some false positives/negatives, so …

credmap v0.1 – The Credential Mapper

Credmap is an open source tool that was created to bring awareness to the dangers of credential reuse. It is capable of testing supplied user credentials on several known websites to test if the password has been reused on any of these. An official int…

Noriben – Portable, Simple, Malware Analysis Sandbox

Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators of malware. In a nutshell, it allows you to run your malware, hit a keypress, and get a simple text…

Vproxy – Forward HTTP/S Traffic To Proxy Instance

If you are familiar with mobile penetration testing and you did one before, you probably came across this kind of situation when you want to intercept the application HTTP or HTTPS traffic using your favorite proxy tool such as Burp Suite, Fiddler, Charles , etc.
After modifying the WIFI connection and adding your proxy host and port there, you should immediately be able to capture the HTTP/S traffic.
However, this kind of method is not always working since some mobile applications are using customized HTTP/S functionalities within the device.
So what you should do in order to capture all of the HTTP/S traffic from the mobile device without breaking you heads? it’s simple, use Vproxy!

Vproxy is a python script that built to quickly configure a PPTP VPN server that will redirect HTTP/S traffic to your favorite proxy instance host. 

System Requirements
This script was built and test on Kali-Linux and should work on any linux distribution


pip install termcolor

Setup VPN server on localip and redirect traffic sent from the clients (80,443) to proxy

$sudo python -localip -phost -pport 8080 -port 80,443

The Goal

  1. Help Penetration Testers conduct mobile security assessment easier
  2. Intercept Mobile HTTP/S traffic from any mobile device

Configuring VPN Videos

Android –

Hakku Framework – Simple Penetration Testing Framework

Hakku is simple framework that has been made for penetration testing tools. Hakku framework offers simple structure, basic CLI, and useful features for penetration testing tools developing. Hakku is on early stages and may be unstable, so please down…

Operative – The Fingerprint Framework

__ _ ____ ____ ___ _________ _/ /_(_) _____ / __ \/ __ \/ _ \/ ___/ __ `/ __/ / | / / _ \/ /_/ / /_/ / __/ / / /_/ / /_/ /| |/ / __/\____/ .___/\___/_/ \__,_/\__/_/ |___/\___/ /_/ This is a fram…

PyJFuzz – Python JSON Fuzzer

PyJFuzz is a small, extensible and ready-to-use framework used to fuzz JSON inputs , such as mobile endpoint REST API, JSON implementation, Browsers, cli executable and much more. Version 1.1.0 Homepag…

SPARTA – Network Infrastructure Penetration Testing Tool

SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to his toolkit and…

netattack – Scan and Attack Wireless Networks

The is a python script that allows you to scan your local area for WiFi Networks and perform deauthentification attacks. The effectiveness and power of this script highly depends on your wireless card.USAGEEASYSCANNING FOR WIFI NETWORKSpyt…