Skip to content

Home

Jump to bottom
Mr.Rabbit edited this page Jan 24, 2022 · 3 revisions

PAKURI-THON

Pentest Achieve Knowledge Unite Rapid Interface - Python
PAKURI-THON is a tool that supports pentesters with various pentesting tools and C4 server (command & control and chat & communication server). PAKURI-THON can perform most of the operations with intuitive web operations and commands to chatbots.

What is PAKURI

I've consulted many pentesting tools. I then took the good points of those tools and incorporated them into my own tools. In Japanese slang, imitation is also called "paku-ru".

ぱくる (godan conjugation, hiragana and katakana パクる, rōmaji pakuru)

  1. eat with a wide open mouth
  2. steal when one isn't looking, snatch, swipe
  3. copy someone's idea or design
  4. nab, be caught by the police

Wiktionary:ぱくる

Why Develop this Tool?

PAKURI-THON is an upgraded version of PAKURI that was presented at the 2020 Blackhat Asia Arsenal. After the COVID-19 pandemic, the way we work has changed drastically and working remotely from home instead of going to the office has become the norm. This change in the way we work has increased security risks, raised awareness of security and increased the demand for pen testing.
However, there is still a shortage of security personnel in Japan. As the workload increases while the manpower does not, pen-testing becomes a monotonous and boring job, lowering the quality.
So, if we automate the boring and simple work, the machine will do the same work over and over again with accuracy, but is that really enough? Pen testing tools are also becoming more and more automated, but is that really enough?
I don't think so. I don't want to let machines take all the fun out of my life. But I don't like boring work. So I decided to enjoy boring work together with machines. The answer is PAKURI-THON.
PAKURI-THON was rebuilt in Python to improve the usability of PAKURI. As a result, it implements a web interface, making it much more intuitive and stylish than before. Specifically, once PAKURI-THON is connected to the target network, it can be operated from a smartphone or tablet.
You can also use chat to share information with your team. Also, most operations can be solved by giving instructions to the bot. Therefore, there is no need to switch the method of information sharing when working with a team. Best of all, wouldn't it be cool to be able to do a pen test just by talking to the machine using your smartphone, just like the hacker in the movie?

Clone this wiki locally